Draft: fix: directly raise HTTPUnauthorized if credentials are wrong (!22) · Merge requests · cubicweb / cubes / signedrequest

Noé Gaumont requested to merge topic/default/raise-instead-of-return into topic/default/no-csrf-on-signedrequest-for-rqlio Aug 20, 2021

Cubicweb folds to any possilbe connection if possible (in practice anonymous connection). This commit prevents this fallback in case there is a wrong Authorization http header.

Edited Aug 20, 2021 by Noé Gaumont

Draft: fix: directly raise HTTPUnauthorized if credentials are wrong

Merge request reports