Add CORB (non-harmful)

Note that I have added this as Proposal as it ought to be removed from Fetch due to its single implementer status.

Closes #81.

activities.json

@@ -263,6 +263,18 @@
     "title": "Credential Management Level 1",
     "url": "https://w3c.github.io/webappsec-credential-management/"
   },
+  {
+    "ciuName": null,
+    "description": "Blocklist certain opaque responses based on MIME type and return an 'emptied' response instead.",
+    "id": "corb",
+    "mozBugUrl": "https://bugzilla.mozilla.org/show_bug.cgi?id=1459357",
+    "mozPosition": "non-harmful",
+    "mozPositionDetail": "While this is an important aspect of a robust Spectre-defense, we would like to see a safelist-based approach pursued.",
+    "mozPositionIssue": 81,
+    "org": "Proposal",
+    "title": "Cross-Origin Read Blocking (CORB)",
+    "url": "https://chromium.googlesource.com/chromium/src/+/master/services/network/cross_origin_read_blocking_explainer.md"
+  },
   {
     "ciuName": null,
     "description": "Add support for Curve25519 algorithms in the Web Cryptography API, namely the signature algorithm Ed25519 and the key agreement algorithm X25519.",