Known Bug with 'Enable Secure Static Resources for Lightning Components' Forces Delay to Summer'21
An issue has been introduced by Salesforce with their latest Release Update ‘Enable Secure Static Resources for Lightning Components’ which has resulted in Salesforce having to delay the forced enablement to Summer’21. When enabled, Aura components provided within managed packages that make reference to static resources also packaged with the solution result in Cross-Origin Resource Sharing (CORS) issues.
A quick way to check whether this affects you is by analyzing the browser console for CORS errors when you try to use your Aura component once the Release Update is enabled (example below displaying the AddressTools override when the Release Update is enabled).
Salesforce have officially acknowledged that this is not desired behavior and have delayed the enforcement of this Release Update until Summer’21 with the aim to have a fix completed and available in Spring’21. The official Salesforce release notes have been updated to reflect this.
You can also track the known issue. By using the This Issue Affects me, you will receive updates from Salesforce as they work on resolving the problem.
This Release Update affects AddressTools & IndustryComplete. We suggest disabling this Release Update until Salesforce have released the update resolving the issue. For more information, contact firstname.lastname@example.org.