Hi Paul (2021.09.11_06:18:16_+0000) > The web applications available in Debian may suggest visitors request > resources not available on the same web service. Since most web > browsers don't block third-party requests by default, those visitors, > who are only indirectly Debian users, could have a privacy violation. > The same applies when Debian documentation is copied to a website.
Browsers have a mechanism to do this, Content-Security-Policy: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy That can be implemented by injecting <meta> tags into HTML, or serving them through a web server (dhelp/dwww) that can provide CSP http headers. SR -- Stefano Rivera http://tumbleweed.org.za/ +1 415 683 3272
