This is consideration 9 in the parent issue.
Need to look at all third party resources and decide whether they're acceptable on a .onion.
For example, 'Tweet' buttons traditionally load in an iframe, need to consider whether there's any opportunity for leakage there (I've no issue with the onion address being associated with the www. address, but definitely don't want a visitor's real IP being disclosed).
Need to keep in mind that some visitors may not be routing all their port 80/443 traffic via Tor, and instead run a gateway on the local network so that they can transparently access .onion sites (I do).