diff --git a/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-basic-setrequestheader.htm.ini b/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-basic-setrequestheader.htm.ini
deleted file mode 100644
index 13c1bad8d8a0..000000000000
--- a/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-basic-setrequestheader.htm.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-[send-authentication-cors-basic-setrequestheader.htm]
-  type: testharness
-  [XMLHttpRequest: send() - "Basic" authenticated CORS request using setRequestHeader() (expects to succeed)]
-    expected: FAIL
-
diff --git a/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred.htm.ini b/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred.htm.ini
deleted file mode 100644
index ae2e54330561..000000000000
--- a/testing/web-platform/meta/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred.htm.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-[send-authentication-cors-setrequestheader-no-cred.htm]
-  type: testharness
-  [CORS request with setRequestHeader auth to URL accepting Authorization header]
-    expected: FAIL
-
diff --git a/testing/web-platform/tests/XMLHttpRequest/resources/auth2/corsenabled.py b/testing/web-platform/tests/XMLHttpRequest/resources/auth2/corsenabled.py
index c8e230078f7e..77b4acfe24ab 100644
--- a/testing/web-platform/tests/XMLHttpRequest/resources/auth2/corsenabled.py
+++ b/testing/web-platform/tests/XMLHttpRequest/resources/auth2/corsenabled.py
@@ -1,13 +1,16 @@
 import imp
 import os
 
+here = os.path.dirname(__file__)
+
+
 def main(request, response):
     response.headers.set('Access-Control-Allow-Origin', request.headers.get("origin"));
     response.headers.set('Access-Control-Allow-Credentials', 'true');
     response.headers.set('Access-Control-Allow-Methods', 'GET');
     response.headers.set('Access-Control-Allow-Headers', 'authorization, x-user, x-pass');
     response.headers.set('Access-Control-Expose-Headers', 'x-challenge, xhr-user, ses-user');
-    auth = imp.load_source("", os.path.abspath("XMLHttpRequest/resources/authentication.py"))
+    auth = imp.load_source("", os.path.abspath(os.path.join(here, os.pardir, "authentication.py")))
     if request.method == "OPTIONS":
         return ""
     else:
diff --git a/testing/web-platform/tests/XMLHttpRequest/resources/auth7/corsenabled.py b/testing/web-platform/tests/XMLHttpRequest/resources/auth7/corsenabled.py
index ce22697390da..b183b325e36c 100644
--- a/testing/web-platform/tests/XMLHttpRequest/resources/auth7/corsenabled.py
+++ b/testing/web-platform/tests/XMLHttpRequest/resources/auth7/corsenabled.py
@@ -1,15 +1,16 @@
 import imp
 import os
 
+here = os.path.dirname(__file__)
+
 def main(request, response):
     response.headers.set('Access-Control-Allow-Origin', request.headers.get("origin"));
     response.headers.set('Access-Control-Allow-Credentials', 'true');
     response.headers.set('Access-Control-Allow-Methods', 'GET');
     response.headers.set('Access-Control-Allow-Headers', 'authorization, x-user, x-pass');
     response.headers.set('Access-Control-Expose-Headers', 'x-challenge, xhr-user, ses-user');
-    auth = imp.load_source("", os.path.join(os.path.abspath(os.curdir),
-                                            "XMLHttpRequest",
-                                            "resources",
+    auth = imp.load_source("", os.path.join(here,
+                                            os.pardir,
                                             "authentication.py"))
     if request.method == "OPTIONS":
         return ""
diff --git a/testing/web-platform/tests/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py b/testing/web-platform/tests/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py
index cb40efb081b4..623a37430dae 100644
--- a/testing/web-platform/tests/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py
+++ b/testing/web-platform/tests/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py
@@ -1,15 +1,17 @@
 import imp
 import os
 
+here = os.path.dirname(__file__)
+
+
 def main(request, response):
     response.headers.set('Access-Control-Allow-Origin', request.headers.get("origin"));
     response.headers.set('Access-Control-Allow-Credentials', 'true');
     response.headers.set('Access-Control-Allow-Methods', 'GET');
     response.headers.set('Access-Control-Allow-Headers', 'x-user, x-pass');
     response.headers.set('Access-Control-Expose-Headers', 'x-challenge, xhr-user, ses-user');
-    auth = imp.load_source("", os.path.join(os.path.abspath(os.curdir),
-                                            "XMLHttpRequest",
-                                            "resources",
+    auth = imp.load_source("", os.path.join(here,
+                                            os.pardir,
                                             "authentication.py"))
     if request.method == "OPTIONS":
         return ""