SafeHtml sanitizes URLs that you try to "inject" into attributes that it knows are of type URL. This sanitization only accepts HTTP, HTTPS, FTP and MAILTO.
You can use other URLs but you have to explicitly say they're safe to use, by passing them as SafeUri
instances. You'll create such instances using UriUtils.fromTrustedString
or UriUtils.fromSafeConstant
.