Allow setting withCredentials in synchronous XMLHttpRequest

closes #10839

tests/wpt/metadata/XMLHttpRequest/send-authentication-basic-cors-not-enabled.htm.ini

@@ -1,5 +0,0 @@
-[send-authentication-basic-cors-not-enabled.htm]
-  type: testharness
-  [XMLHttpRequest: send() - "Basic" authenticated CORS requests with user name and password passed to open() (asserts failure)]
-    expected: FAIL
-

tests/wpt/web-platform-tests/XMLHttpRequest/XMLHttpRequest-withCredentials.js

@@ -16,15 +16,8 @@ function test_withCredentials(worker) {
   test(function() {
     var client = new XMLHttpRequest()
     client.open("GET", "resources/delay.py?ms=1000", false)
-    if (worker) {
-      client.withCredentials = true
-      assert_true(client.withCredentials, "set in OPEN state")
-    } else {
-      assert_throws("InvalidAccessError", function() {
-        client.withCredentials = true
-      })
-      assert_false(client.withCredentials, "set in OPEN state")
-    }
+    client.withCredentials = true
+    assert_true(client.withCredentials, "set in OPEN state")
   }, "setting on synchronous XHR")
 
   async_test(function() {

tests/wpt/web-platform-tests/cors/credentials-flag.htm

@@ -17,12 +17,6 @@ var url = CROSSDOMAIN + 'resources/cors-cookie.py?ident='
  * widthCredentials
  */
 // XXX Do some https tests here as well
-test(function () {
-    var client = new XMLHttpRequest()
-    client.open('GET', CROSSDOMAIN, false)
-    assert_throws(null, function() { client.withCredentials = true; }, 'setting withCredentials')
-}, 'Setting withCredentials on a sync XHR object should throw')
-
 async_test(function () {
     var id = new Date().getTime() + '_1',
         client = new XMLHttpRequest()