diff --git a/ext/fetch/26_fetch.js b/ext/fetch/26_fetch.js
index e522079bf75d2f..f17373a0cc5f56 100644
--- a/ext/fetch/26_fetch.js
+++ b/ext/fetch/26_fetch.js
@@ -308,6 +308,16 @@
 return response;
 }
+ /**
+ * @param {URL} a
+ * @param {URL} b
+ * @returns {boolean}
+ */
+ function isSameOrigin(a, b) {
+ if (a.origin === null) return false;
+ return a.origin === b.origin;
+ }
+
 /**
 * @param {InnerRequest} request
 * @param {InnerResponse} response
@@ -366,6 +376,14 @@
 }
 }
 }
+ if (!isSameOrigin(request.currentUrl, locationURL)) {
+ for (let i = 0; i < request.headerList.length; i++) {
+ if (byteLowerCase(request.headerList[i][0]) == "authorization") {
+ ArrayPrototypeSplice(request.headerList, i, 1);
+ i--;
+ }
+ }
+ }
 if (request.body !== null) {
 const res = extractBody(request.body.source);
 request.body = res.body;
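Review bot: The guard `if (a.origin === null) return false;` in `isSameOrigin` can never fire, because `URL.origin` is always a string and an opaque origin serializes to the string `"null"`. As written, two URLs that both have opaque origins compare as `"null" === "null"` and are reported as same-origin, which is the opposite of what the guard intends. Comparing against the string on both sides, `if (a.origin === "null" || b.origin === "null") return false;`, makes the helper fail closed. The JSDoc could also state that opaque origins are never considered equal.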
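Review bot: Only `authorization` is removed in the cross-origin branch, so a caller-supplied `Cookie` or `Proxy-Authorization` header (or a custom API-key header) is still sent to the new origin; if that is intentional, a comment such as `// Only Authorization is dropped on cross-origin redirects; other caller-set credential headers are forwarded unchanged.` above the loop would make the limit explicit. The header-name comparison uses `==` where `===` would match the `isSameOrigin` helper added in the same commit. The type of `request.currentUrl` is not visible here; if it is not a `URL` object, `.origin` is `undefined` and `isSameOrigin` always returns false, so a test covering a same-origin redirect that keeps the header and a cross-origin one that drops it would pin the behaviour. The enclosing function starts and ends outside this hunk.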