This is a known issue. Unfortunately, there is no easy fix for it. Earlier attempt to fix bug# 231932, which would also solve this bug, resulted in the crash reported in bug# 287778. Hopefully, we can figure out how to address this problem without causing new regressions.

(In reply to comment #0)
> User-Agent:       Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML,
> like Gecko) rekonq Safari/534.34
> Build Identifier: 
> 
> When setting the third parameter of XMLHttpRequest.send to false to make the
> request synchronous, rekonq and konqueror with webkit engine do not send the
> "Authorization" HTTP header to the server thereby failing to authenticate
> the request. It does work as expected for the default asynchronous requests.
> 
> Reproducible: Always
> 
> Steps to Reproduce:
> 1. go to http://niner.name/rekonq_ajax_basic_auth_bug/
> 2. login with user name "test" and password "test"
> 3. press the "sync request" button
> Actual Results:  
> an alert pops up with a "Fail: 401 Authorization Required" message
> 
> Expected Results:  
> an alert pops up with a "Win" message like it does when pressing the "async
> request" button

Git commit 2cf247f4ebdee44d0620e57f9cd17fa963b36b73 by Dawit Alemayehu.
Committed on 11/05/2012 at 19:35.
Pushed by adawit into branch 'KDE/4.8'.

Revert commit 462a06ea as it causes many regressions. Use KIO::synchronousRun
to fulfill synchrounous XmlHttpRequest instead.

Unofrtunately this means that the fix for the crash reported in bug# 287778
is reverted until we can find a solution for the side effects of using nested
event loops.
Related: bug 299590, bug 299710, bug 287778
FIXED-IN: 4.8.4

M  +63   -37   kio/kio/accessmanager.cpp
M  +1    -0    kio/kio/accessmanager.h
M  +126  -81   kio/kio/accessmanagerreply_p.cpp
M  +22   -8    kio/kio/accessmanagerreply_p.h

http://commits.kde.org/kdelibs/2cf247f4ebdee44d0620e57f9cd17fa963b36b73