Bug #55966
closed
If the login is not succesful a 401 header should NOT be used instead of a 200
100%
Description
http://forge.typo3.org/issues/51803 should be reverted as it introduces a Bug instead of fixing anything.
HTTP Status codes are for HTTP and not for the application using it.
Simply sending a 401 status code does not only conflict with RFC 2616 which says
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a
WWW-Authenticate header field (section 14.47) containing a challenge
applicable to the requested resource.
which fe_login doesn't do, but it also breaks HTTP authentication (tested in Chrome, should work in any RFC compliant Browser).
To reproduce this, place a login box on any site that also requires HTTP-Authentication and try to log in with the wrong credentials. You are not only presented the TYPO3-Login error but also the browser dialog asking you for your HTTP-Credentials.
Affected versions: 4.5 - master
Updated by Gerrit Code Review about 10 years ago
- Status changed from New to Under Review
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27888
Updated by Gerrit Code Review about 10 years ago
Patch set 1 for branch TYPO3_6-1 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27898
Updated by Gerrit Code Review about 10 years ago
Patch set 1 for branch TYPO3_6-0 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27899
Updated by Gerrit Code Review about 10 years ago
Patch set 1 for branch TYPO3_4-5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27900
Updated by Gerrit Code Review about 10 years ago
Patch set 2 for branch TYPO3_6-0 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27899
Updated by Markus Klein about 10 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset e34a90bded50d2617344eeaada4d4235e789669b.
Updated by