Opened 4 years ago

Closed 4 years ago

#2813 closed defect (fixed)

MgDevHttpServer not issuing authentication challenges on missing credentials/session

Reported by: jng Owned by: jng
Priority: low Milestone: 4.0
Component: General Version:
Severity: trivial Keywords:
Cc: External ID:

Description

Before we execute a MgHttpRequest, we need to check if one of [USERNAME/PASSWORD]/SESSION is given and return 401 if neither is given

Change History (1)

comment:1 by jng, 4 years ago

Resolution: fixed
Status: assignedclosed

In 9716:

Fix MgDevHttpServer not issuing authentication challenge if one of [USERNAME/PASSWORD] or SESSION is not detected in the request parameters. This makes the handle behave in line with the existing Cgi/Isapi/Apache implementations.

Fixes #2813

Note: See TracTickets for help on using tickets.