Keep an eye on the CustomElementRegistry API
Custom Elements (https://developer.mozilla.org/en-US/docs/Web/Web_Components/Custom_Elements) can get registered, manipulated and queried by web content. We should make sure there are no linkability risks are associated with that.
For ESR 52 this seems to be still disabled by dom.webcomponents.customelements.enabled = false. We should check that, though.
The tracking bug is https://bugzilla.mozilla.org/show_bug.cgi?id=889230.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information