On Windows, go to an URL that uses HTTP basic authentication. rahul.net has an example page at http://joeuser:a.b.C.D@www.rahul.net/joeuser/ (Beware of bug 15441; you'll need to use a version that includes this fix, e.g. Safari Seed 310A15.) "Reset Safari", Quit Safari.exe, configure a proxy server, then browse to the same URL. You'll get an error message that the URL is invalid. If you look at the HTTP headers over the wire, you'll see that when a proxy is used, Safari doesn't pass an "Authorization" HTTP header, but simply requests "GET http://joeuser:a.b.C.D@www.rahul.net/joeuser/", which is not valid. I tested this with the WebKit nightly r26595.
<rdar://problem/5544557>