You can still target for the screen size using CSS - you can even track changes by creating a css file with literally thousands of thousands of media queries, where each media query sets e.g. the background-image property of a hidden div.
Thanks to gzip compression, this shouldn't even take much data to transfer.
Oh, and as I think of it, would this here still work?
Of course but that will require to also accommodate for the fact that after N queries the circuit/endpoints changes and unless you have a unique tracking system per every "attacked" user (like an random generated ID per CSS served) or a way to store persistent across sessions, Screen Size alone won't be able to identify everyone on the TOR network, and that's my point if you disable JS (raise the security level to the max for the case of the tor browser) you will be good for the most common attacks for "APT's" you pretty much don't stand a chance unless you go "outside the grid" aka don't use the integrated browser.
You have lots of signals to generate without JS. System font base (this alone should provide a fairly unique identifier!), screen aspect ratio, DPI value, "pointer" media query, the relationship between width/device-width... and on non-TOR-scenarios you can fingerprint supported HTTPS encryption layers plus the user-agent. Oh, and you can also passively fingerprint on the presence of an ad blocker.
If you can identify _a single person_ on the TOR network with the TOR Browser, across several sessions, just with the data you are describing and without false positives, it will probably make a case but those attacks are well-know since 2k8 and so far no one has made the same claims you firmly believe, so unless you know something that no-one in the world, then for the common "TOR user", those who use the integrated TOR Browser are in good standing just by disabling JS alone.
If you are THAT paranoid, you should already know that you shouldn't use the integrated browser itself, since you are loosing half the battle just there by giving your adversaries a well-known attack vector.