The point of using such forms is that one can enter easily links (or menu-entries in your case) without having to write HTML/CSS/JS .... this increased convenience is mostly for end-users, which are normally not aware of security implications, or which are so many, such that a site-wide-admin or a package-admin can't trust all of them. The evil part of redirects is that a user sees a link to a trusted site, but it might direct him to a maybe same-looking fake-site setup for a phishing attack.
So, supporting the flag by default is definitely not a good idea. One could add a parameter in the form definition to allow insecure redirects, but since the form-definitions are as well designed in a way that the user cannot break the system, this does not help, when end-users are allowed to enter/change forms. So a possible path is add a policy which specifies, who is allowed to enter insecure field definitions and extend the form-validator to check these.
but maybe, there are other solutions as well.