From 8e7d2a509029a6b91c13cf150d7f24d4a2d5b1c6 Mon Sep 17 00:00:00 2001
From: CodeShell <122738806+CodeShellDev@users.noreply.github.com>
Date: Tue, 29 Jul 2025 12:06:17 +0200
Subject: [PATCH] changed 401 to 403 Obfuscation not needed since Bad Auth
 already gives feedback by returning a Auth Prompt. -> No advantages by
 leaving it on error code 401

---
 internals/proxy/middlewares/endpoints.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internals/proxy/middlewares/endpoints.go b/internals/proxy/middlewares/endpoints.go
index 0899f2a..6a14c7e 100644
--- a/internals/proxy/middlewares/endpoints.go
+++ b/internals/proxy/middlewares/endpoints.go
@@ -21,7 +21,7 @@ func (data EndpointsMiddleware) Use() http.Handler {
 
 		if slices.Contains(BLOCKED_ENDPOINTS, reqPath) {
 			log.Warn("User tried to access blocked endpoint: ", reqPath)
-			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			http.Error(w, "Forbidden", http.StatusForbidden)
 			return
 		}