Well, exfiltration via CSS is possible already: https://infosecwriteups.com/exfiltration-via-css-injection-4...
I don't see these new CSS features opening up privacy issues, though.
Hacker News new | past | comments | ask | show | jobs | submit Hacker News new | past | comments | ask | show | jobs | submitI don't see these new CSS features opening up privacy issues, though.