HTTP Authentication data is still sent to third parties with ESR 52 based Tor Browser

Testing a build based on ESR 52 and our patches in #20680 (moved) it turns our that HTTP Authentication data seems to leak to third parties as can be seen on the http://ip-check.info test.