|
|
|
|
|
|
by gpvos
2665 days ago
|
|
|
Would something like Perl's taint functionality work? I.e., all values derived from size, position, colour, pixel data, user agent, etc. are marked as tainted, and are stripped (or randomized or replaced with default values) from data that is sent over XMLHttpRequest and other communication methods. It's probably extremely hard to make that watertight though. |
|
|
For example, multiply the value (e.g. window width) by some huge number, perform a slow operation in a loop that many times, and finally clear a flag. Meanwhile another thread is filling an array one by one until the flag gets cleared. The last non-tainted index in the array indicates your approximate window width.