Add external links blocking in serve

In many use cases, it is not wanted to have user accidentaly click on external links
and leave the served ZIM content.
This could be because the result is unpredictible (reader not implementing this properly)
or because the serve user knows there's no backup internet connexion or because there is
an induced cost behind external links that doesn't affect served content.

using a new flag (`blockExternalLinks`) on `Response`/`setTaskBar`, a piece of JS code
is injected into the taskbar code.
This code adds a JS handler on all link click events and verifies the destination.
If the destination appears to be an external link (1), the link target is changed to
a specific URL:

```
/external?source=<original_uri>
```

(1) external is a link that's not on the same origin and starts with either `http:` `https:` or `//`.

Server implements a new handler on `/external` that displays a new page (`captured_external.html`)
which returns a generic message explaining the situation and offering to click on the link
again should the user really want to.
This is done by specifically asking `set_taskbar` to not block external requests on that page.

This approach allows integrators using a reverse proxy to handle that endpoint differently (rebrand it)

1. `Server` now has an `m_blockExternalLinks` defaulting to `false`
1. `Server.setTaskbar` is extended to support an additional bool to set the variable.
1. `Response` now has an `m_blockExternalLinks`
1. `Response` constr expects an additional bool for `blockExternalLinks`.
1. `Response.set_taskbar` is extended to support an additional bool to set the variable.
1. JNI/Java Wrapper reflects the extensions.
1. New resource file `templates/block_external.js` (included in head_part). Should it be in skin?
1. New resource file `templates/captured_external.html` for `handle_captured_external()`
1. Added a comment on `head_part.html` to help with JS insertion at the right place
1. `introduce_taskbar()` conditionnaly inserts the JS inside the taskbar

static/resources_list.txt

@@ -28,4 +28,6 @@ templates/index.html
 templates/suggestion.json
 templates/head_part.html
 templates/taskbar_part.html
+templates/captured_external.html
+templates/block_external.js
 opensearchdescription.xml

static/templates/block_external.js

@@ -0,0 +1,17 @@
+  function capture(e) { $(e.target).attr("href", encodeURI("/external?source=" + e.target.href)); }
+  jk( document ).ready(function() {
+    jk("a").on({click: function(e) {
+      if ("target" in e && "href" in e.target) {
+        var href = e.target.href;
+        if (href.indexOf(window.location.origin) == 0)
+          return;
+        if (href.substr(0, 2) == "//")
+          return capture(e);
+        if (href.substr(0, 5) == "http:")
+          return capture(e);
+        if (href.substr(0, 6) == "https:")
+          return capture(e);
+        return;
+      }
+    }});
+  });

static/templates/captured_external.html

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <meta charset="UTF-8" />
+  <title>Welcome to Kiwix Server</title>
+  <script type="text/javascript" src="{{root}}/skin/jquery-ui/external/jquery/jquery.js"></script>
+  <script type="text/javascript" src="{{root}}/skin/jquery-ui/jquery-ui.min.js"></script>
+  <link type="text/css" href="{{root}}/skin/jquery-ui/jquery-ui.min.css" rel="Stylesheet" />
+  <link type="text/css" href="{{root}}/skin/jquery-ui/jquery-ui.theme.min.css" rel="Stylesheet" />
+  <script type="text/javascript" src="{{root}}/skin/taskbar.js" async></script>
+</head>
+<body class="kiwix">
+
+<h1>External link blocked</h1>
+<p>This instance of Kiwix protects you from accidentaly going to external (out-of ZIM) links.</p>
+<p>If you intend to go to such locations, please click the link bellow.</p>
+<p><a href="{{ source }}">Go to {{ source }}</a></p>
+<div id="kiwixfooter">
+  Powered by <a href="https://kiwix.org">Kiwix</a>
+</div>
+
+</body>
+</html>

static/templates/head_part.html

@@ -5,6 +5,7 @@
 <script type="text/javascript" src="{{root}}/skin/jquery-ui/jquery-ui.min.js"></script>
 <script>
   var jk = jQuery.noConflict();
+  // block external links
   jk(function() {
   jk( "#kiwixsearchbox" ).autocomplete({