r235813 (https://bugs.webkit.org/show_bug.cgi?id=189198) added http/tests/xmlhttprequest/url-with-credentials.html This test fails in GTK. --- /home/slave/webkitgtk/gtk-linux-64-debug-tests/build/layout-test-results/http/tests/xmlhttprequest/url-with-credentials-expected.txt +++ /home/slave/webkitgtk/gtk-linux-64-debug-tests/build/layout-test-results/http/tests/xmlhttprequest/url-with-credentials-actual.txt @@ -4,9 +4,10 @@ PASS () => xhr.responseText is 'User: Password: ' PASS () => xhr.responseText is 'User: foo Password: bar' -PASS () => xhr.responseText is 'User: Password: ' +FAIL () => xhr.responseText should be User: Password: . Was User: foo Password: bar. PASS () => xhr.responseText is 'User: foo Password: bar' PASS successfullyParsed is true +Some tests failed. TEST COMPLETE What is supposed to happen according to the test is that for each XHR request made to a URL with Basic Auth (e.g. http://foo:bar@127.0.0.1:8000/xmlhttprequest/resources/url-with-credentials/), first a request without the Authorization header would be sent and only when the server rejects that, the request is resent again now with the Authorization header. Should we do the same?