Fetch: 'password' credentials mode should include credentials.

third_party/WebKit/Source/modules/fetch/FetchManager.cpp

Index: third_party/WebKit/Source/modules/fetch/FetchManager.cpp
diff --git a/third_party/WebKit/Source/modules/fetch/FetchManager.cpp b/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
index 799d030ede6a1c1f0215a04cd89679dcb73ecf7e..f38dc92e552a43869825ca47acb01de19bfedf18 100644
--- a/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
+++ b/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
@@ -602,11 +602,14 @@ void FetchManager::Loader::performHTTPFetch(bool corsFlag, bool corsPreflightFla
     ResourceLoaderOptions resourceLoaderOptions;
     resourceLoaderOptions.dataBufferingPolicy = DoNotBufferData;
     if (m_request->credentials() == WebURLRequest::FetchCredentialsModeInclude
+        || m_request->credentials() == WebURLRequest::FetchCredentialsModePassword

[Mike West, 2016/04/08 18:49:25]

*sobs*

         || (m_request->credentials() == WebURLRequest::FetchCredentialsModeSameOrigin && !corsFlag)) {
         resourceLoaderOptions.allowCredentials = AllowStoredCredentials;
     }
-    if (m_request->credentials() == WebURLRequest::FetchCredentialsModeInclude)
+    if (m_request->credentials() == WebURLRequest::FetchCredentialsModeInclude
+        || m_request->credentials() == WebURLRequest::FetchCredentialsModePassword) {

[Mike West, 2016/04/08 18:49:25]

*more sobs*

         resourceLoaderOptions.credentialsRequested = ClientRequestedCredentials;
+    }
     resourceLoaderOptions.securityOrigin = m_request->origin().get();
 
     ThreadableLoaderOptions threadableLoaderOptions;