Thanks for the ongoing answers.
So I added an extra OPTIONS request, and indeed, then it works. However, just to be complete, I had to add the option force: true to the GET call, otherwise it was not executed. I also had to hack it a bit as a temporary test, because e.g. https://id.inrupt.com/ieben does not allow a OPTIONS request, resulting in following hacky code. Thus, I hope that an update to ESS could be released soon because this is not really something for in production 
async load(source) {
if (source.uri.includes('storage.')) {
await this.fetcher.load(source, { withCredentials: false, method: 'OPTIONS' });
}
await this.fetcher.load(source, { withCredentials: false, method: 'GET', force: true });
}
However, for the second part, sending a PATCH update, I had to dive into rdflib again before it fully worked. ember-solid is using the fire function under the hood to send the inserts and deletions. However, this function hardcodes the options, not allowing me to set withCredentials: false.
To solve this, I’m afraid that a change to rdflib will be needed. I wanted to ask if it is realistic that such a PR will be merged and what seems the best option in your opinions. Of course, I’m open to another solution as well.
A) update the hardcoded options in fire to include withCredentials: false
B) change the default setting in setCredentials from includes to omit as suggested once before.
C) add an extra optional parameter options to the fire method so it is no longer fully hardcoded
Is this a heads-up for me?