by ZoFreX 4361 days ago
What legitimate use do those onerror / onload callbacks have... that seems like the kind of thing that should be restricted to same origin!
2 comments

Similarly to CSP, onload and onerror are not the only ways to pull it off. The effect of successfully or unsuccessfully loading images or scripts can usually be inferred without them; for example, images have dimensions that, even if you take away the ability to read them directly, can be inferred from the changes to the layout of the nearby elements.
I've seen it used for fallbacks when loading resources hosted on a CDN.