This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
This would only be for requests that don't include credentials: https://lists.w3.org/Archives/Public/public-webapps/2015JanMar/0748.html
https://lists.w3.org/Archives/Public/public-webappsec/2015Jun/thread.html#msg11
No use in tracking this here.