This page will make a CORS-enabled request for https://cors-test.appspot.com/test with an Authentication header set after the service worker takes control.

The service worker doesn't have a fetch handler, so you would assume that there would be no involvement in that request. That appears to be true the first time the page is loaded, when the serivce worker is initially registered. However, if you then reload the page and look again, the service worker logs a (Service Worker Fallback) entry in the Network DevTools panel, leading to developer confusion.

You can see the entry by opening the DevTools in the current browser after reloading this page, or look at this static screenshot that a developer provided: