If you recently implemented these new anti-Spectre http security headers and then get complains that your RSS feeds don't work any more - yeah, it's that, even though you probably would've never guessed a connection. Cross-Origin-Resource-Policy breaks RSS in Thunderbird.
Conversation
Replying to
Chromium had a similar issue where it didn't set the origin properly for range requests from the internal PDF viewer. It caused breakage with SameSite cookies too:
bugs.chromium.org/p/chromium/iss
bugs.chromium.org/p/chromium/iss
Incremental and partial PDF loading were disabled as a workaround.

