diff --git a/packages/snaps-utils/src/ui.tsx b/packages/snaps-utils/src/ui.tsx
index cad94f4d53..7e623158bc 100644
--- a/packages/snaps-utils/src/ui.tsx
+++ b/packages/snaps-utils/src/ui.tsx
@@ -40,7 +40,7 @@ import { lexer, walkTokens } from 'marked';
 import type { Token, Tokens } from 'marked';
 
 const MAX_TEXT_LENGTH = 50_000; // 50 kb
-const ALLOWED_PROTOCOLS = ['https:', 'mailto:'];
+const DEFAULT_ALLOWED_PROTOCOLS = ['https:', 'mailto:'];
 
 /**
  * Get the button variant from a legacy button component variant.
@@ -320,16 +320,18 @@ function getMarkdownLinks(text: string) {
  * @param link - The link to validate.
  * @param isOnPhishingList - The function that checks the link against the
  * phishing list.
+ * @param allowedProtocols - Allowed protocols (example: ['https:'])
  */
 function validateLink(
   link: string,
   isOnPhishingList: (url: string) => boolean,
+  allowedProtocols: string[] = DEFAULT_ALLOWED_PROTOCOLS,
 ) {
   try {
     const url = new URL(link);
     assert(
-      ALLOWED_PROTOCOLS.includes(url.protocol),
-      `Protocol must be one of: ${ALLOWED_PROTOCOLS.join(', ')}.`,
+      allowedProtocols.includes(url.protocol),
+      `Protocol must be one of: ${allowedProtocols.join(', ')}.`,
     );
 
     const hostname =