Unauthorized request returns 200 instead of 401

Question

Unauthorized request returns 200 instead of 401

Closed this issue 10 years ago · 1 comments

Trying to access a private file will return a 200 yet the JSON output shows a 401. Is this intentional?

Host: kbase.us

Accept: /

< HTTP/1.1 200 OK
< Server: nginx/1.4.1
< Date: Fri, 21 Mar 2014 16:47:46 GMT
< Content-Type: application/json
< Content-Length: 56
< Connection: keep-alive
< Access-Control-Allow-Headers: Authorization
< Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
< Access-Control-Allow-Origin: *
<

Connection #0 to host kbase.us left intact

Closing connection #0

SSLv3, TLS alert, Client hello (1):
{"status":401,"data":null,"error":["User Unauthorized"]}canon@login1:~$

Answer 1 · 2014-03-24T21:55:54.000Z

Thanks for the heads up. This was not the intended behavior. I updated the http status code in the header to reflect the returned error code.