This test aims to show the difference in authentication caching between same-origin requests and cross-origin ones.
Upon pressing one of the buttons, the form will perform two requests: the first passing the Authorization header, and again without it.
If it fails or asks for user/password it means the browser did not cache the authentication data from the first request.