Final answer:
The claim about the 'authorization' header is false. It is actually used in authenticated HTTP requests to provide credentials, and supports various authentication schemes, not just anonymous connections.
Step-by-step explanation:
The statement that the 'authorization' header is only supported when connecting anonymously is false. The 'authorization' header is actually used in HTTP requests to provide credentials proving the authenticity of a request. For instance, when you are accessing a protected resource, the server might respond with a 401 Unauthorized status and an 'WWW-Authenticate' header, prompting the client to submit an 'authorization' header with the correct credentials (such as a Base64-encoded username and password, or a token).
In web development and API design, using the 'authorization' header is a common practice for authenticated requests, and is not limited to anonymous connections. It supports various authentication schemes, including Basic, Digest, Bearer (commonly used with OAuth2), and more. Therefore, this header is integral to the process of securing web applications and services.