Branch: refs/heads/master
Home: https://github.com/conformal/btcd
Commit: 5859deea7e2aaaa7a55bdd3d4c2d77ef961b8025
https://github.com/conformal/btcd/commit/5859deea7e2aaaa7a55bdd3d4c2d77ef961b8025
Author: Dave Collins <[email protected]>
Date: 2014-01-23 (Thu, 23 Jan 2014)
Changed paths:
M rpcserver.go
Log Message:
-----------
Improve RPC authentication failure responses.
This commit improves how the legacy RPC server responds to authentication
failures so things like web browsers can react better. The following
changes have been made:
First, authentication failures were only printing the 401 error response
in the body instead of setting the http status code. This means the
response had a 200 OK header with a body of 401 Unauthorized. Therefore
the client would think everything was ok, but see the response as
malformed JSON.
Second, the spec for 401 Unauthorized responses state they must include a
WWW-Authenticate header to instruct the client how to authenticate.
Without this, browsers won't prompt the user for credentials.
