Why PreAuthenticate is not enabled by default?

As far as I understand WebRequest.PreAuthenticate is almost always good.

If I enable it even when there is no credential it won开发者_开发技巧't try to authenticate, if there is a credential it'll. So is there any legitimate reason to set it False? Or is it OK to set it True even when there is no credentials?

And since it's quite useful why it's not enabled by default just like many other HTTP features?

Rick Strahl has a very detailed blog post about this.

To summarize, if you need to be able to change the credentials in the request at some point (without the server intervention), do not set PreAuthenticate to true. Otherwise, go for it.