Mozilla Firefox 119 : Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header.