Release Notes Persisted

Fix CORS not being disabled by webSecurity: false.

I have automatically backported this PR to "10-x-y", please check out #25503

I have automatically backported this PR to "11-x-y", please check out #25504

I have automatically backported this PR to "9-x-y", please check out #25505

mark

@zcbenz

I saw this PR has been merged to Electron 11.x, but have not been existed on any of Electron 10 release notes.
Could you please tell me when it will be ready for Electron 10.x ? Thanks.

I tested the related issue on Electron 10.2.0, it still persists. Also tried Electron 11, it did fix the issue.

I just found 10.1.3 has addressed this issue in its release note, but I can still reproduce it. Not clear why.

I had issues with an older version where cors wasn't being disabled by setting websecurity to false.
I would get a 'sameorigin' error. So, updated to latest electron (npm version 13.1.3) and it still has the same issue.
Now I get a message in the electron console (not window console) saying "Failed to load URL: https://google.com/ with error: ERR_BLOCKED_BY_RESPONSE

@vrunhofen please open a new issue with a standalone test case, preferably using Electron Fiddle. Thanks!