On that page you'll notice it mentions "request-headers". That was in FF4 and FF5, but was removed in FF6 because of something I reported.
The headers sent in the report included "Proxy-Authorization", so it was possible to steal web proxy credentials by forcing a policy violation on your site. Chromes implementation didn't include the headers from the start. For more info: