A simple example would be
if i embed an image in a web page like so`
, since it is a get request and in an img tag, it should go through without any issues, Now since i might have my authorization cookie already for that domain, the img request is made as me.