AJAX call following 302 redirect sets origin to null

Question

I\'m doing an AJAX call from domain A to domain B.

My domain B checks if A is in the list of allowed domains and sets the Access-Control-allow-Origin to

Answer 1

I set Access-Control-Allow-Origin: null on domain A and that worked.

Answer 2

See here, this seems to suggest its related to a "privacy-sensitive" context.

Are there any browsers that set the origin header to "null" for privacy-sensitive contexts?