I think Mastodon needs a better way of verifying links. Putting HTML potentially visible in a page is a bit 2000. Using .well-known, DNS or even proof of upload (to a specific location) would be better IMHO so as not to interfere with a site that might be in a CMS that blocks some of those.
A protocol for .well-known (had a quick Google, couldn’t see one) would be best IMHO.