cubicweb #1642893 Unauthorized exception gives a 500 error message [validation pending]
Publisher handle Unauthorized exception as any other and return a 500 HTTP returns code. Returning a 403 Code would be more accurate.
|closed by||<not specified>|
- cubicweb #1698245 Convert __message to _cwmsgid to increase security
- cubicweb #511718 explain why rql expr insertion doesn't work to ease security debugging
- TheCubicWebBook #656194 CW Administration: how to give dynamic permissions
- cubicweb #1346310 Add `Secure` attribute to cookie when navigating on https
- cubicweb #1381390 Implement HTTP Strict Transport Security for https