This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
Ideally XMLHttpRequest does not have to care about whether a response is tainted and Fetch provides some kind of access to an object that has all the relevant headers hidden and looks like a normal object.
https://github.com/whatwg/fetch/commit/eb0d5a6e0ec3d18e6174cb822123de2b0299ac75