Why set both `Authorization` and `Proxy-Authorization` headers?

[StephenWakely]

In set_authorization if the intercept is not http or https, it sets both Authorization and Proxy-Authorization headers.

It's not clear to me why this should be the case and strikes me as a bug. It's not clear to me why we would need to set different headers according to the scheme of the intercept at all. I'm not finding any relevant information in the RFC.

Do you have any ideas? Thanks