REOPENED276208
CVE-2025-43480 Mark cross-origin media requests as coming from an opaque source 
https://bugs.webkit.org/show_bug.cgi?id=276208
Summary Mark cross-origin media requests as coming from an opaque source
Matthew Finkel
Reported 2024-07-03 15:35:13 PDT
Mark cross-origin media requests as coming from an opaque source
Attachments
Add attachment proposed patch, testcase, etc.
Matthew Finkel
Comment 1 2024-07-03 17:37:22 PDT
rdar://124946839
Matthew Finkel
Comment 2 2024-07-03 17:37:48 PDT
Pull request: https://github.com/WebKit/WebKit/pull/30476
EWS
Comment 3 2024-07-15 14:30:18 PDT
Committed 280985@main (0473037b5502): <https://commits.webkit.org/280985@main> Reviewed commits have been landed. Closing PR #30476 and removing active labels.
EWS
Comment 4 2024-07-17 08:20:10 PDT
Committed 280938.16@integration/ci/124946839_0473037b55_safari-7619-branch (ff3ade567bdb): <https://commits.webkit.org/280938.16@integration/ci/124946839_0473037b55_safari-7619-branch> Reviewed commits have been landed. Closing PR #1376 and removing active labels.
WebKit Commit Bot
Comment 5 2024-08-07 12:32:28 PDT
Re-opened since this is blocked by bug 277759
Yuki Sekiguchi
Comment 6 2025-12-04 02:27:25 PST
What is the current status of this bug? bug 277759 reverted the associated commit on the main branch, so it appears there is currently no fix in place.
Matthew Finkel
Comment 7 2025-12-04 11:03:11 PST
Yes, apologies for the missed update. This will be fixed in https://github.com/WebKit/WebKit/pull/53958. rdar://133406290
Note You need to log in before you can comment on or make changes to this bug.