What's the best technique for blocking HTML5?



  • I wish to prevent HTML5 content from being loaded by devices on my network. I particularly wish to block content with EME CDMs as these will have direct access to the device operating systems and will be completely out of my control once they have infiltrated the device. My personal simplified intepretation of CDMs is that they are best categorised as root kits. I don't need or want any content carrying a CDM so how best to block it?

    HTML5 content is likely to contain a DTD reference that can be checked but I don't trust browsers to strictly enforce a CDM being carried in HTML5. I would like to prevent CDM's loading from earlier HTML variants just in case.

    Could this be something for Squid or Dans Guardian? I don't think I need to block the entire website, just the pages carrying CDMs.



  • I forgot HTML5 has the far simpler doctype of just html without a DTD reference. I guess this will make it easier to identify HTML5 when parsing the page.

    I have been trying to find out how CDMs will be delivered and so far I can only assume that they will be using local storage or application cache. Could this mean that only something like NoScript will be able to block CDMs?


Log in to reply