[Ref Arch] Hyperlint Automation: Broken Link Fixes (#20048)

---------

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

Author: hyperlint-ai[bot]

src/content/docs/reference-architecture/diagrams/security/securing-data-in-transit.mdx

@@ -59,7 +59,7 @@ The following diagram shows a common flow for how Cloudflare inspects a request
 1. User attempts to upload a file to a SaaS application (via a secure tunnel to Cloudflare created by our [device agent](/cloudflare-one/connections/connect-devices/warp/download-warp/)). [Clientless](/cloudflare-one/connections/connect-devices/agentless/) options are supported as well.
 2. Cloudflare's [Secure Web Gateway](/cloudflare-one/policies/gateway/) (SWG) will first verify that the user is permitted to use the requested SaaS application, and then scrutinize the file's payload for [malicious code](/cloudflare-one/policies/gateway/http-policies/antivirus-scanning/) and [sensitive data](/cloudflare-one/policies/data-loss-prevention/).
 3. The DLP profile determines the file contains national identifiers like US Social Security Numbers (SSN).
-4. The SWG policy is configured with a ['block' action](/cloudflare-one/policies/gateway/http-policies/#block), so the attempt is [logged](/cloudflare-one/policies/data-loss-prevention/dlp-policies/logging-options/#log-the-payload-of-matched-rules/) and a [block page](/cloudflare-one/policies/gateway/block-page/) returned to the end user's web browser.
+4. The SWG policy is configured with a ['block' action](/cloudflare-one/policies/gateway/http-policies/#block), so the attempt is [logged](/cloudflare-one/policies/data-loss-prevention/dlp-policies/logging-options/#log-the-payload-of-matched-rules) and a [block page](/cloudflare-one/policies/gateway/block-page/) returned to the end user's web browser.
 
 ## Related resources
 

src/content/docs/reference-architecture/diagrams/security/securing-data-in-use.mdx

@@ -35,7 +35,7 @@ The following diagram visualizes a typical interaction between a user, RBI and a
 2. Cloudflare’s [Secure Web Gateway](/cloudflare-one/policies/gateway/) (SWG) will first verify that the user is permitted to access ChatGPT.
 3. Cloudflare’s patented Network Vector Rendering (NVR) process begins as a headless browser on our edge network starts and rasterizes the web app, which involves writing SKIA draw commands.
 4. NVR intercepts those draw commands > tokenizes them > compresses them > encrypts them > and sends them to the local web browser.
-5. Because this request is running isolated, the policy also enforces preventing the user from [copying and pasting](/cloudflare-one/policies/browser-isolation/isolation-policies/#disable-copy--paste) sensitive content to ChatGPT from their local machine. Additional [policy settings](/cloudflare-one/policies/browser-isolation/isolation-policies/#policy-settings), such as ‘Disable printing’, ‘Disable upload / download’, and more are available as well.
+5. Because this request is running isolated, the policy also enforces preventing the user from [copying and pasting](/cloudflare-one/policies/browser-isolation/isolation-policies/#copy-from-remote-to-client) sensitive content to ChatGPT from their local machine. Additional [policy settings](/cloudflare-one/policies/browser-isolation/isolation-policies/#policy-settings), such as ‘Disable printing’, ‘Disable upload / download’, and more are available as well.
 
 ## Related resources