In the end, I had to add "tainting" for all DOMParser elements. Any tainted element couldn't be inserted into the DOM. All of those escapes were quite bad, but not catastrophic, given that JS would only run when clicked on the malicious user tile.
Отвергнутый влюбленный поджег себя14:50
。体育直播对此有专业解读
The root cause? We drive Chrome's rendering loop frame-by-frame rather than letting it render freely. If no frames are issued for a while, internal buffers go stale. The fix is a warmup loop that continuously issues "skip frames" at ~30fps while waiting for the page to signal it's ready to record:
Захарова поинтересовалась возможностью посмотреть «Терминатора» в Молдавии14:59