Open manuelvsousa opened 3 years ago
@manuelvsousa did "HEIST" get fixed it seems like window navigations should bypass "SameSite cookies" from https://github.com/w3c/resource-timing/issues/64#issuecomment-242785022 Considering the SharedArrayBuffer can be used to create a high precision clock https://github.com/whatwg/storage/issues/31 may not be enough to prevent this. https://xsleaks.dev/docs/attacks/timing-attacks/network-timing/#unload-events
Created https://github.com/xsleaks/wiki/pull/114 for compression attacks.
Size Leaks are very important XS-Leaks. They are often addressed in the browser when researchers find exact ways to leak the size. Some mechanisms that still work:
Fixed, but relevant works (we should document them):