requestAnimationFrame API can leak browser history and it can be used to read pixels from cross-origin iframes https://www.contextis.com/en/resources/white-papers/pixel-perfect-timing-attacks-with-html5. Can we do something to prevent these attacks?
requestAnimationFrame API can leak browser history and it can be used to read pixels from cross-origin iframes https://www.contextis.com/en/resources/white-papers/pixel-perfect-timing-attacks-with-html5.
Can we do something to prevent these attacks?