From e19359060f7a88f82fa809c30bcd4e63c7be4eff Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Wed, 31 Oct 2012 17:45:37 +0100
Subject: [PATCH] [Security] removed the 401 error custom status message

---
 .../Security/Http/EntryPoint/BasicAuthenticationEntryPoint.php | 2 +-
 .../Http/EntryPoint/DigestAuthenticationEntryPoint.php         | 2 +-
 .../Http/EntryPoint/BasicAuthenticationEntryPointTest.php      | 2 --
 .../Http/EntryPoint/DigestAuthenticationEntryPointTest.php     | 3 ---
 4 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/src/Symfony/Component/Security/Http/EntryPoint/BasicAuthenticationEntryPoint.php b/src/Symfony/Component/Security/Http/EntryPoint/BasicAuthenticationEntryPoint.php
index 6ba3872664b0..44ece5e72ec3 100644
--- a/src/Symfony/Component/Security/Http/EntryPoint/BasicAuthenticationEntryPoint.php
+++ b/src/Symfony/Component/Security/Http/EntryPoint/BasicAuthenticationEntryPoint.php
@@ -34,7 +34,7 @@ public function start(Request $request, AuthenticationException $authException =
     {
         $response = new Response();
         $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName));
-        $response->setStatusCode(401, $authException ? $authException->getMessage() : null);
+        $response->setStatusCode(401);
 
         return $response;
     }
diff --git a/src/Symfony/Component/Security/Http/EntryPoint/DigestAuthenticationEntryPoint.php b/src/Symfony/Component/Security/Http/EntryPoint/DigestAuthenticationEntryPoint.php
index ec92419a7de7..37fba8595e17 100644
--- a/src/Symfony/Component/Security/Http/EntryPoint/DigestAuthenticationEntryPoint.php
+++ b/src/Symfony/Component/Security/Http/EntryPoint/DigestAuthenticationEntryPoint.php
@@ -57,7 +57,7 @@ public function start(Request $request, AuthenticationException $authException =
 
         $response = new Response();
         $response->headers->set('WWW-Authenticate', $authenticateHeader);
-        $response->setStatusCode(401, $authException ? $authException->getMessage() : null);
+        $response->setStatusCode(401);
 
         return $response;
     }
diff --git a/src/Symfony/Component/Security/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php b/src/Symfony/Component/Security/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
index b442309feb42..b9e289d718ee 100644
--- a/src/Symfony/Component/Security/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
+++ b/src/Symfony/Component/Security/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
@@ -34,7 +34,6 @@ public function testStart()
 
         $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate'));
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('The exception message', 'statusText', $response);
     }
 
     public function testStartWithoutAuthException()
@@ -47,6 +46,5 @@ public function testStartWithoutAuthException()
 
         $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate'));
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('Unauthorized', 'statusText', $response);
     }
 }
diff --git a/src/Symfony/Component/Security/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php b/src/Symfony/Component/Security/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
index ae0e3cc5e569..8dfd6183eea7 100644
--- a/src/Symfony/Component/Security/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
+++ b/src/Symfony/Component/Security/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
@@ -34,7 +34,6 @@ public function testStart()
         $response = $entryPoint->start($request, $authenticationException);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('TheAuthenticationExceptionMessage', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate'));
     }
 
@@ -46,7 +45,6 @@ public function testStartWithNoException()
         $response = $entryPoint->start($request);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('Unauthorized', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate'));
     }
 
@@ -60,7 +58,6 @@ public function testStartWithNonceExpiredException()
         $response = $entryPoint->start($request, $nonceExpiredException);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('TheNonceExpiredExceptionMessage', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}", stale="true"$/', $response->headers->get('WWW-Authenticate'));
     }
 }