Details
-
Improvement
-
Resolution: Fixed
-
Medium
-
4.7.0
-
N/A
Description
When accessing a page for which the user does not have access, an HTTP status code 200 is returned, whereas the more correct one would be 401 (Authorization Required).
The proposed enhancement is to make the following part of the default settings, in error.ini:
[ErrorSettings-kernel] HTTPError[1]=401 [HTTPError-401] HTTPName=Authorization Required