You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
sirtet opened this issue
Feb 24, 2015
· 5 comments
Labels
c: APIsFor bugs and features in the Matomo HTTP and plugin APIs.TaskIndicates an issue is neither a feature nor a bug and it's purely a "technical" change.
When trying a piwik page without logging in, the response is the login form, delivered with status code 200 OK. I think that should be delivered with a 403.
The text was updated successfully, but these errors were encountered:
As Drupal uses 403, i think it should be save for piwik too.
Not having the correct response code can be critical for some services i think.
I stumbled into a concrete case to this Problem on a piwik plugin: sgiehl/piwik-plugin-ExcludeByDDNS#4
This also happens when accessing the Reporting API without providing a token_auth, it will return a 200 OK. We need to inspect the body and look for result => error. It would be more convenient if we could rely on the HTTP response code.
c: APIsFor bugs and features in the Matomo HTTP and plugin APIs.TaskIndicates an issue is neither a feature nor a bug and it's purely a "technical" change.
When trying a piwik page without logging in, the response is the login form, delivered with status code 200 OK. I think that should be delivered with a 403.
The text was updated successfully, but these errors were encountered: