↳ In-reply-to » I think is part of the code by @eapl.me that I have based my project on. So try to ask him.

hey @mckinley@twtxt.net !

Perhaps your VPN or an extension is injecting some kind of verification before using the site?

The original development doesn’t use JavaScript at all, and has 2 cookies for session managing, short term for guests and long term for the admin (perhaps that has to be changed with current European regulations, not sure)

@darch@darch.dk you could add HTTPS to your site to avoid external services injecting JS to the HTML. I bought a SSL certificate for my shared hosting, sadly it doesn’t support Let’s Encrypt.

But if an extension is doing that, I think there is not much to do from our side.