I'm trying to embed some Salesforce code, which is working fine on Edge, and some versions of Google Chrome, but some others are giving me the Refused to get unsafe header "Server-Timing" error, even though when checking the Response Headers on Edge I can see both Access-Control-Expose-Headers: Server-Timing and Timing-Allow-Origin: * are included.

I've tried looking around a bit, but there doesn't seem to be a lot regarding this, I'm unsure if this is something I can chock up to a current version of Chrome bug, or if it's something I'd need to bring to Salesforce.