Does anyone have this issue with xhr requests in iframed angular (6 in my case) when added header to back-end response (actually in nginx):
x-content-type-options: nosniff
Cross-Origin Read Blocking (CORB) blocked cross-origin response https://my_back_end_url with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.
but content-type in response in OK:
content-type: application/json
If I remove nosniff header - everything works with no warning
Here is repo with demo and code to reproduce: Here is repo with reproduce code: https://github.com/kievsash/NoSniffOptionTest
Chrome bug https://bugs.chromium.org/p/chromium/issues/detail?id=945767
Will be fixed up to 77 version according to googlers words