A proxy could inject cookies on a 407 response and even bypass the authentication prompt - could have been used for session fixation attacks.