Cross-Origin Read Blocking (CORB) is a security mechanism that prevents attackers from loading certain cross-origin resources 1. This protection was created to defend against speculative side-channel attacks such as Spectre that allow attackers to read the memory of the process that both cross-site pages (e.g. attacker.com and sensitive.com) were embedded into. CORB aims to prevent attackers from loading certain sensitive cross-origin resources into an attacker-controlled process. For example...
