* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Ticket #294 (closed design: fixed)

Opened 4 years ago

Last modified 3 years ago

clarify 403 forbidden

Reported by: julian.reschke@gmx.de Owned by: julian.reschke@gmx.de
Priority: normal Milestone: 15
Component: p2-semantics Severity: Active WG Document
Keywords: Cc:
Origin: http:///www.w3.org/mid/8B0A9FCBB9832F43971E38010638454F03F1490FBC@SISPE7MB1.commscope.com

Description

People read

"Authorization will not help and the request SHOULD NOT be repeated."

as if authenticating with *different* credentials won't help, and this choose a different status code.

See also

http://lists.w3.org/Archives/Public/ietf-http-wg/2010JulSep/0085.html

and

http://stackoverflow.com/questions/6113014/what-http-code-to-use-in-not-authenticated-and-not-autorized-cases

Martin proposes:

"The server understood the request, but refuses to authorize it. Providing different user authentication credentials might be successful, but any credentials that were provided in the request are insufficient."

which sounds good to me.

Attachments

i294.diff (1.2 KB) - added by julian.reschke@gmx.de 4 years ago.
proposed patch

Change History

Changed 4 years ago by julian.reschke@gmx.de

proposed patch

comment:2 Changed 4 years ago by julian.reschke@gmx.de

From [1301]:

clarify 403 forbidden (see #294)

comment:3 Changed 4 years ago by julian.reschke@gmx.de

  • Status changed from new to closed
  • Resolution set to incorporated
  • Milestone changed from unassigned to 15

comment:4 Changed 3 years ago by mnot@pobox.com

  • Status changed from closed to reopened
  • Resolution incorporated deleted

comment:5 Changed 3 years ago by mnot@pobox.com

  • Status changed from reopened to closed
  • Resolution set to fixed
Note: See TracTickets for help on using tickets.