diff --git a/fetch/cross-origin-resource-policy/syntax.any.js b/fetch/cross-origin-resource-policy/syntax.any.js
new file mode 100644
index 00000000000000..cf5b06d5c4f4b6
--- /dev/null
+++ b/fetch/cross-origin-resource-policy/syntax.any.js
@@ -0,0 +1,18 @@
+// META: script=/common/get-host-info.sub.js
+
+const crossOriginURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/cross-origin-resource-policy/resources/hello.py?corp=";
+
+[
+  "same",
+  "same, same-origin",
+  "SAME-ORIGIN",
+  "Same-Origin",
+  "same-origin, <>",
+  "same-origin, same-origin"
+].forEach(incorrectHeaderValue => {
+  // Note: an incorrect value results in a successful load, so this test is only meaningful in
+  // implementations with support for the header.
+  promise_test(t => {
+    return fetch(crossOriginURL + encodeURIComponent(incorrectHeaderValue), { mode: "no-cors" });
+  }, "Parsing Cross-Origin-Resource-Policy: " + incorrectHeaderValue);
+});