Project

General

Profile

Actions

Bug #55966

closed

If the login is not succesful a 401 header should NOT be used instead of a 200

Added by Michael Knabe almost 11 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
felogin
Target version:
Start date:
2014-02-13
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.5
PHP Version:
Tags:
Complexity:
Is Regression:
Yes
Sprint Focus:

Description

http://forge.typo3.org/issues/51803 should be reverted as it introduces a Bug instead of fixing anything.
HTTP Status codes are for HTTP and not for the application using it.

Simply sending a 401 status code does not only conflict with RFC 2616 which says

10.4.2 401 Unauthorized

The request requires user authentication. The response MUST include a
WWW-Authenticate header field (section 14.47) containing a challenge
applicable to the requested resource.

which fe_login doesn't do, but it also breaks HTTP authentication (tested in Chrome, should work in any RFC compliant Browser).
To reproduce this, place a login box on any site that also requires HTTP-Authentication and try to log in with the wrong credentials. You are not only presented the TYPO3-Login error but also the browser dialog asking you for your HTTP-Credentials.

Affected versions: 4.5 - master


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Task #51803: 401 response header ClosedGeorg Ringer2013-09-06

Actions
Actions #1

Updated by Gerrit Code Review almost 11 years ago

  • Status changed from New to Under Review

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #2

Updated by Gerrit Code Review almost 11 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #3

Updated by Gerrit Code Review almost 11 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #4

Updated by Gerrit Code Review almost 11 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #5

Updated by Gerrit Code Review almost 11 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #6

Updated by Gerrit Code Review almost 11 years ago

Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888

Actions #7

Updated by Gerrit Code Review almost 11 years ago

Patch set 1 for branch TYPO3_6-1 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27898

Actions #8

Updated by Gerrit Code Review almost 11 years ago

Patch set 1 for branch TYPO3_6-0 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27899

Actions #9

Updated by Gerrit Code Review almost 11 years ago

Patch set 1 for branch TYPO3_4-5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27900

Actions #10

Updated by Gerrit Code Review almost 11 years ago

Patch set 2 for branch TYPO3_6-0 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27899

Actions #11

Updated by Markus Klein almost 11 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #12

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF