According to the W3C spec, user credentials should never be sent with preflight (OPTIONS) requests. This means that the server should respond to an OPTIONS request even if the eventual request (GET, POST, ...) is protected by Basic or Digest authentication and should not respond with a 401.
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira