We need to pass HTTP_AUTHORIZATION to CGI scripts.
Created attachment 418473 [details]
https://bugs.webkit.org/show_bug.cgi?id=220995 shows us actually using this, in LayoutTests/http/tests/xmlhttprequest/resources/cross-origin-authorization.py. That change is not yet finished, but I wanted to demonstrate that this smaller change is actually needed.
Committed r271909: <https://trac.webkit.org/changeset/271909>
All reviewed patches have been landed. Closing bug and clearing flags on attachment 418473 [details].