You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "Jacques Bonhomme (JIRA)" <ji...@apache.org> on 2010/12/01 19:26:11 UTC

[jira] Commented: (COUCHDB-683) Missing WWW-Authenticate header (regression)

    [ https://issues.apache.org/jira/browse/COUCHDB-683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12965777#action_12965777 ] 

Jacques Bonhomme commented on COUCHDB-683:
------------------------------------------

Not a problem ? This is a violation of the HTTP protocol. Quoting RFC 2616 :

10.4.2 401 Unauthorized

   The request requires user authentication. The response MUST include a
   WWW-Authenticate header field (section 14.47)


> Missing WWW-Authenticate header (regression)
> --------------------------------------------
>
>                 Key: COUCHDB-683
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-683
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Database Core
>    Affects Versions: 0.11
>            Reporter: Matt Goodall
>
> CouchDB does not send a "WWW-Authenticate" header in the 401 response (CouchDB 0.10.x) . May break many HTTP clients.
> $ curl -i -X "PUT" http://localhost:5984/foo
> HTTP/1.1 401 Unauthorized
> Server: CouchDB/0.11.0bf93cb9b-git (Erlang OTP/R13B)
> Date: Fri, 05 Mar 2010 12:40:28 GMT
> Content-Type: text/plain;charset=utf-8
> Content-Length: 64
> Cache-Control: must-revalidate
> {"error":"unauthorized","reason":"You are not a server admin."}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.