From 12ac70d0fe7c0634b9112c0240b841df69be4c7e Mon Sep 17 00:00:00 2001 From: Glenn Strauss Date: Tue, 23 Feb 2021 09:27:25 -0500 Subject: [PATCH] [mod_auth] send 401 if digest algo not supported client browsers might remember prior algorithm if algorithm changed; send 401 Unauthorized to reset client browser (sending 400 Bad Request was not user friendly) --- src/mod_auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mod_auth.c b/src/mod_auth.c index 943c2f9a..45ed5565 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -1312,7 +1312,7 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st log_error(r->conf.errh, __FILE__, __LINE__, "digest: (%s): invalid", algorithm); buffer_free(b); - return mod_auth_send_400_bad_request(r); + return mod_auth_send_401_unauthorized_digest(r, require, 0); } /**