HTTP lib: When authentication cannot proceed, issue 403

The http protocol states that 401 should only be used when further authentication would be possible bzr revid: p_christ@hol.gr-20100726093334-qe5midzceivezbxu
2010-07-26 12:33:34 +03:00 · 2010-07-26 12:33:34 +03:00 · c06b42ad3c
parent 89a5176ed4
commit c06b42ad3c
1 changed files with 2 additions and 2 deletions
--- a/bin/service/websrv_lib.py
+++ b/bin/service/websrv_lib.py
@ -208,7 +208,7 @@ class MultiHTTPHandler(FixSendError,BaseHTTPRequestHandler):
            except AuthRequiredExc,ae:
                if self.request_version != 'HTTP/1.1':
                    self.log_error("Cannot require auth at %s",self.request_version)
-                    self.send_error(401)
+                    self.send_error(403)
                    return
                self._get_ignore_body(fore) # consume any body that came, not loose sync with input
                self.send_response(401,'Authorization required')
@ -221,7 +221,7 @@ class MultiHTTPHandler(FixSendError,BaseHTTPRequestHandler):
                return
            except AuthRejectedExc,e:
                self.log_error("Rejected auth: %s" % e.args[0])
-                self.send_error(401,e.args[0])
+                self.send_error(403,e.args[0])
                self.close_connection = 1
                return
        mname = 'do_' + fore.command