API not HTTP conform #244
Labels
No Label
bug
build
dependencies
developers
documentation
duplicate
enhancement
formatting
invalid
legal
mobile
obsolete
packaging
performance
protocol
question
refactoring
regression
security
test
translation
usability
wontfix
No Milestone
No project
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Bitmessage/PyBitmessage-2024-12-17#244
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Issue
The API does not responds correctly to failed login attempts.
Current result
In case invalid or no credentials are provided, the API returns an XML with an error message. While this is not incorrect, the HTTP headers themselves are.
Expected result
The API should return with a 401 Header in case no login credentials are provided and with a 401 or 403 code if invalid credentials are provided.
401: Authentication required (specify username and password please)
403: Forbidden (do not try again with this user. It is invalid)