Why withCredentials default can't be overwritten?

[gbauxy]

Why withCredentials default can't be overwritten for particular request?
For example, website working generally with API from another domain and all this requests requires cookies so we set withCredentials default to true for convenience .
But some requests need to be fulfilled to another domain, for example githib.com.
So it is not possible to overwrite withCredentials to false because of this line of code

What the reason for such behavior?

[liximomo]

I want to overwrite it too!

[mzabriskie]

This may be a false assumption, but the rationale is that you don't want someone to accidentally override withCredentials if it has been globally set as the default.

[gbauxy]

At least this logic conflicts with docs config-order-of-precedence
Moreover, when someone explicitly type

axios.get('https://api.github.com', {
  withCredentials: false
});

it verbose enough to understand what do you do.
And the third point is that this logic can lead to security issues when developer try to fulfill partial request without cookies but cookies will be sent anyway.

So my proposal is to discard this rule.

[fatpandaria]

Is there any update about this issue?I also want to overwrite the withcredential option for some specific request which withcredential will lead to unprocessable error.But I just couldn't make it,so I am just wondering whether this issue is the reason?