UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Steps to reproduce the problem:
1. Open http://subdomain1.example.com which fetches a CORS request from api.example.com (which returns a response with header "Access-Control-Allow-Origin: http://subdomain1.example.com")
2. Go to http://subdomain2.example.com which also fetches the same URI with CORS from api.example.com (but now of course gets the header "Access-Control-Allow-Origin: http://subdomain2.example.com")
3. Click the back button in the browser

What is the expected behavior?
Page from step 1, http://subdomain.example.com, should display correctly.

What went wrong?
Page from step 1 seems to re-use the cached response from page 2. The CORS request fails loading with this error:

"XMLHttpRequest cannot load http://api.example.com. The 'Access-Control-Allow-Origin' header has a value 'http://subdomain2.example.com' that is not equal to the supplied origin. Origin 'http://subdomain1.example.com' is therefore not allowed access."

Did this work before? No 

Does this work in other browsers? Yes

Chrome version: 55.0.2883.87  Channel: stable
OS Version: 10.0
Flash Version: Shockwave Flash 24.0 r0

Here is a live testcase switching between "rawgit.com" and "cdn.rawgit.com":

http://rawgit.com/superlupo12/1a9e257419afe7c138f3df053de3a550/raw/5ea69bb640b32a3678614d92e2bc4d70d8b948ac/chrome-history-broken-vary.html

The CORS response also has the necessary "Vary: Origin" header which should prevent mixing up cached responses for the same URI.

Works in current Firefox, Safari, MS Edge and IE 11.