Prevent browser history leaks from CSS mix-blend-mode API in Tor Browser
Similar to the old trick of querying the colour of a link on a page to see whether the user has visited that link before, there is a new form of this attack which is made more efficient by querying the :visited attribute on a set of numerous links via defining a boolean algebra with the non-linear CSS blending operators in the mix-blend-mode API.
lcamtuf has a demo of the attack which works in my Tor Browser 6.0.3. We should determine a way to mitigate this attack.