Return-Path: Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: (qmail 72417 invoked from network); 1 Dec 2010 16:07:36 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 1 Dec 2010 16:07:36 -0000 Received: (qmail 38247 invoked by uid 500); 1 Dec 2010 16:07:35 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 38122 invoked by uid 500); 1 Dec 2010 16:07:34 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 38112 invoked by uid 99); 1 Dec 2010 16:07:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Dec 2010 16:07:32 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Dec 2010 16:07:32 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id oB1G7Bbc012240 for ; Wed, 1 Dec 2010 16:07:12 GMT Message-ID: <5508255.48491291219631924.JavaMail.jira@thor> Date: Wed, 1 Dec 2010 11:07:11 -0500 (EST) From: "Benjamin Young (JIRA)" To: dev@couchdb.apache.org Subject: [jira] Created: (COUCHDB-972) Unauthorized requests with(out) Accept: */* get different status codes MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Unauthorized requests with(out) Accept: */* get different status codes ---------------------------------------------------------------------- Key: COUCHDB-972 URL: https://issues.apache.org/jira/browse/COUCHDB-972 Project: CouchDB Issue Type: Bug Components: Futon, HTTP Interface Affects Versions: 1.0.1 Reporter: Benjamin Young Priority: Minor Sending a GET request without an Accept header set returns a 302 Found status which redirects to the Futon's login page. Sending a GET request with an Accept: */* (which is conceptually the same) returns a 401 (as does setting Accept to anything else: application/json, etc). The 401 code is the prefered response, but the 302 is in use to load the HTML/JS-based login forms in Futon. The options I can see to fix this are: 1. Return 302 if Accept is set to */*, but return 401 for application/json (and possibly anything more specific). 2. Return 401 and load the Futon login page/system as the response body--some browsers/clients may still load the HTTP Auth form in addition to the HTML one in the body of the page. 3. Return 401 and let the browsers HTTP Auth form handle the login process. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.