Hi,
Unfortunately, this is not possible. Adding crossorigin="use-credentials" has serious security implications, as the browser may now send authentication data to another web site. I’m not in favor of an option either (like “Enable crossorigin="use-credentials"“), because it is quite hard to understand and users could enable it without understanding the implications.
May I ask you how you end up with this error? In your example, the web manifest is in the root of your site, but there is no issue in this situation, correct? Is your manifest hosted on another domain? If so, is there a reason why its access is restricted?
Ugh, you can forget about this. The site was restricted in the .htaccess file to only allow access from my own IP address, which apparently caused the issue. Now that the site is published, that error message in the console has disappeared.
Great! Thank you for letting me know.
Best Regards,
Philippe