Rule to detect external or CDN references in HTML?

My company deploys sensitive applications, for which all content (pages, API calls, JS, web resources) must be served from an unique domain name. We are not allowed to use content from a 3rd party website, CDN or anything else.
Our applications currently use React app as frontend to generate HTML pages, and a Java backend.
I was looking for an existing rule to enforce this, but I could not find such. From existing topic, it seems I can’t create a custom rule for this requirement.
Is there a way to validate this with Sonar, or should I search for another solution?


we currently don’t have any such rule, however the idea is interesting. I will ping our product manager to track this as a feature request. @gab