[TASK] Use a 401 header if login is not successful 02/23802/2
authorGeorg Ringer <georg.ringer@gmail.com>
Fri, 6 Sep 2013 08:00:04 +0000 (10:00 +0200)
committerMarkus Klein <klein.t3@mfc-linz.at>
Thu, 12 Sep 2013 21:38:49 +0000 (23:38 +0200)
If login is not correct, a 401 should be used instead of a 200.

Change-Id: Ia2fa139e89fe19df77bb0530b4fbce502506f524
Resolves: #51803
Releases: 6.2,6.1,6.0,4.5
Reviewed-on: https://review.typo3.org/23802
Reviewed-by: Markus Klein
Tested-by: Markus Klein
t3lib/class.t3lib_userauth.php

index 6c9bf80..4c59819 100644 (file)
@@ -733,6 +733,7 @@ class t3lib_userAuth {
                        }
 
                } elseif ($activeLogin || count($tempuserArr)) {
+                       t3lib_utility_Http::setResponseCode(t3lib_utility_Http::HTTP_STATUS_401);
                        $this->loginFailure = TRUE;
 
                        if ($this->writeDevLog && !count($tempuserArr) && $activeLogin) {