- if ((StrLength(Hdr->c_username) == 0) && (!Hdr->HR.DontNeedAuth)) {
-
- if ((Hdr->HR.Handler != NULL) &&
- (XHTTP_COMMANDS & Hdr->HR.Handler->Flags) == XHTTP_COMMANDS) {
- OverrideRequest(Hdr, HKEY("GET /401 HTTP/1.0"));
- Hdr->HR.prohibit_caching = 1;
- }
- else {
- OverrideRequest(Hdr, HKEY("GET /static/nocookies.html?force_close_session=yes HTTP/1.0"));
- Hdr->HR.prohibit_caching = 1;
- }
- }
-
- if (StrLength(Hdr->c_language) > 0) {
- lprintf(9, "Session cookie requests language '%s'\n", ChrPtr(Hdr->c_language));
- set_selected_language(ChrPtr(Hdr->c_language));
- go_selected_language();
- }
+ /*
+ * Reject transactions which require http-auth, if http-auth was not provided
+ */
+ if ( (StrLength(Hdr->c_username) == 0)
+ && (!Hdr->HR.DontNeedAuth)
+ && (Hdr->HR.Handler != NULL)
+ && ((XHTTP_COMMANDS & Hdr->HR.Handler->Flags) == XHTTP_COMMANDS)
+ ) {
+ syslog(LOG_DEBUG, "http-auth required but not provided");
+ OverrideRequest(Hdr, HKEY("GET /401 HTTP/1.0"));
+ Hdr->HR.prohibit_caching = 1;