I noticed an unwanted redirect when using the Clean & Lock extension. When a Favicon is setup in the MainWP Dashboard, this file is automatically requested via /favicon.ico and WordPress then loads the image that is setup. But if Clean & Lock is used, the favicon.ico request is redirected to the 301 Redirect URL and can be blocked by CORS.
As a workaround I’ve added
favicon.ico to the excluded slugs, but as this probably is happening on all sites, it should be a default exclusion.