
reuse authorization header to prevent HTTP 401/200 cycle
Our internal websites sit behind Apache running Kerberos (mod_auth_kerb).
When requesting a site that has css and js files the network requests look like this.
request http://localsite/ -- get 401 response. Send request again with Authorization header. Get 200
request http://localsite/some.css -- get 401 response. Send request again with Authorization header. Get 200
request http://localsite/some.js -- get 401 response. Send request again with Authorization header. Get 200
Note, the Authorization header is the same in all 3 requests so it seems pointless to not send it when fetching some.css and some.js.
When Internet Explorer hits the same site the request cycle is
request http://localsite/ -- get 401 response. Send request again with Authorization header. Get 200
request http://localsite/some.css with Authorization header get 200 response
request http://localsite/some.js with Authorization header get 200 response
Instead of 6 requests, IE makes 4. If the page had 10 assets on the page, IE would make 12 HTTP requests and FF would make 22. :-(
The HTTP specification - https://tools.ietf.org/html/rfc7235#section-4.2 states
"If a request is authenticated and a realm specified, the same credentials are presumed to be valid for all other requests within this realm.."
Is there a way to make Firefox send the Authentication header on every request after the 1st like IE does? Maybe there is a configuration I am missing?
Thanks,
Tony
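
To measure the 401/200 cycle described in the post from the server side, the following added example (not part of the original post) counts, per client, how many requests were challenged with a 401 and then retried successfully. It assumes Apache common log format; the log lines, client addresses and user name are constructed.

```python
import re
from collections import defaultdict

# Constructed access-log lines (assumption: Apache common log format).
# 10.0.0.5 is re-challenged on every resource; 10.0.0.9 sends the
# Authorization header proactively after the first challenge.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 401 381
10.0.0.5 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 5120
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /some.css HTTP/1.1" 401 381
10.0.0.5 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:00:01 +0000] "GET /some.css HTTP/1.1" 200 900
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /some.js HTTP/1.1" 401 381
10.0.0.5 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:00:01 +0000] "GET /some.js HTTP/1.1" 200 1400
10.0.0.9 - - [01/Jan/2024:10:05:00 +0000] "GET / HTTP/1.1" 401 381
10.0.0.9 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:05:00 +0000] "GET / HTTP/1.1" 200 5120
10.0.0.9 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:05:01 +0000] "GET /some.css HTTP/1.1" 200 900
10.0.0.9 - tony@EXAMPLE.LOCAL [01/Jan/2024:10:05:01 +0000] "GET /some.js HTTP/1.1" 200 1400
"""

# host ident user [time] "METHOD path proto" status bytes
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')


def challenge_stats(log_text):
    """Per client: total requests, and 401 challenges later retried with success."""
    stats = defaultdict(lambda: {"requests": 0, "challenged": 0})
    pending = set()  # (client, method, path) that received a 401 and awaits a retry
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        client, method, path, status = m.group(1), m.group(2), m.group(3), int(m.group(4))
        key = (client, method, path)
        stats[client]["requests"] += 1
        if status == 401:
            pending.add(key)
        elif key in pending:
            pending.discard(key)
            if status < 400:
                # This request only succeeded on its second attempt.
                stats[client]["challenged"] += 1
    return dict(stats)


if __name__ == "__main__":
    for client, s in challenge_stats(SAMPLE_LOG).items():
        print(f"{client}: {s['requests']} requests, {s['challenged']} extra 401 round trips")
```
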