We need to do the CORS checks in the network process.
<rdar://problem/39010987>
Marking as duplicate of https://bugs.webkit.org/show_bug.cgi?id=184240. We now have the ability to do all CORS checks (as well as CSP and content blockers) in NetworkProcess. This is demonstrated for synchronous XHR and beacon. We now need to activate these CORS checks for other load types (async XHR, fetch, images...). This will be handled in other bugzilla entries. *** This bug has been marked as a duplicate of bug 184240 ***