{"id":7995,"date":"2026-03-08T13:45:20","date_gmt":"2026-03-08T10:45:20","guid":{"rendered":"https:\/\/x0ct.com\/ai\/?p=7995"},"modified":"2026-03-08T13:45:20","modified_gmt":"2026-03-08T10:45:20","slug":"klod-kod-ispravil-nevernyj-parol-http-401-bylo-200-ispravleno-codex-code-commenttitlep2-f","status":"publish","type":"post","link":"https:\/\/x0ct.com\/ai\/?p=7995","title":{"rendered":"\u041a\u043b\u043e\u0434 \u041a\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c  HTTP 401 (\u0431\u044b\u043b\u043e 200, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e)\n\nCodex: \n\n::code-commenttitleP2 F"},"content":{"rendered":"<p><b>\u041a\u043b\u043e\u0434 \u041a\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c \u2192 HTTP 401 (\u0431\u044b\u043b\u043e 200, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e)<\/b><\/p>\n<p>Codex: <\/p>\n<p>::code-comment{title=&#187;[P2] Failed HTML login still returns 401&#8243; body=&#187;The invalid-password branch renders the form with status_code=401. That reintroduces the same class of browser-level auth handling this change is trying to avoid: embedded\/mobile browsers and some clients may treat any raw 401 as an authentication challenge\/failure page instead of showing the rendered inline error. Returning 200 for a bad password keeps the UX inside the HTML form and matches the intended migration away from native Basic Auth dialogs.&#187;<\/p>\n<p>\u042f: <i class=\"emoji\" style=\"background-image:url('\/\/telegram.org\/img\/emoji\/40\/F09FA4AF.png')\"><b>\ud83e\udd2f<\/b><\/i><\/p>\n<p>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043b \u0432 \u0447\u0430\u0442\u0435.<\/p>\n<p>\u041f\u0440\u043e\u043f\u0442:<\/p>\n<p><code>\u041f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043b\u0438 \u044d\u0442\u043e:<\/p>\n<p>\u041d\u0435\u0443\u0441\u043f\u0435\u0448\u043d\u044b\u0439 HTML-\u043b\u043e\u0433\u0438\u043d \u0441\u0435\u0439\u0447\u0430\u0441 \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 401, \u0430 \u043d\u0435 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 200 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439.<\/code><\/p>\n<p>ChatGPT \u0438 Claude Code \u043a\u0430\u043a \u0431\u044b \u043e\u0431\u0430 \u043f\u0443\u0442\u0430\u044e\u0442\u0441\u044f \u0432 \u043f\u043e\u043a\u0430\u0437\u0430\u043d\u0438\u044f\u0445 (\u043f\u0440\u0438\u043b\u043e\u0436\u0438\u043b \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b)<\/p>\n<p>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043b \u043f\u043e Conetx7:<\/p>\n<p>\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0438\u0437 Context7:                                <\/p>\n<p>  FastAPI \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u2014 \u0432\u0441\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u043d\u0435\u0443\u0434\u0430\u0447\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044e\u0442 401 Unauthorized:<br \/>\n  HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail=&#187;Not authenticated&#187;)<\/p>\n<p>  Starlette \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u2014 on_auth_error \u0442\u043e\u0436\u0435 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 401:<br \/>\n  def on_auth_error(request, exc):<br \/>\n      return JSONResponse({&#171;error&#187;: str(exc)}, status_code=401)                                                                                                                                                    <\/p>\n<p>\u0412\u044b\u0432\u043e\u0434: \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u043e\u0431\u043e\u0438\u0445 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u043e\u0432, \u043d\u0435\u0443\u0434\u0430\u0447\u043d\u044b\u0439 \u043b\u043e\u0433\u0438\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0442\u044c 401, \u0430 \u043d\u0435 200. \u041d\u0430\u0448 \u0444\u0438\u043a\u0441 \u0431\u044b\u043b \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c.<\/p>\n<p>\u0412\u043e\u0442 \u0438 \u0434\u0443\u043c\u0430\u0439\u0442\u0435 \u0441\u0430\u043c\u0438&#8230; \u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u0441\u0430\u043c\u0438, \u043a\u0430\u043a \u0432\u0430\u043c \u0432\u0430\u0439\u0431 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0447\u0438\u0442\u044c \u0438\u043b\u0438 \u043d\u0435 \u0443\u0447\u0438\u0442\u044c.<\/p>\n<p>\u041d\u043e \u0434\u0430\u0432\u0430\u0439\u0442\u0435 \u0437\u0430\u043f\u043e\u043c\u043d\u0438\u043c \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u043c\u043f\u0442. \u041e\u043d \u043d\u0430\u043c \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u0441\u044f \u0442\u0435\u0441\u0442\u0438\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/x0ct.com\/ai\/wp-content\/uploads\/2026\/03\/16ed45bb69a8045ef9c1640af4c5a1ed_08032026_1772967541.jpeg\" \/><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/x0ct.com\/ai\/wp-content\/uploads\/2026\/03\/647de62cb8f6a30f366d6d9583e6475b_08032026_1772967541.jpeg\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u041a\u043b\u043e\u0434 \u041a\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c \u2192 HTTP 401 (\u0431\u044b\u043b\u043e 200, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e) Codex: ::code-comment{title=&#187;[P2] Failed HTML login still returns 401&#8243; body=&#187;The invalid-password branch renders the form with status_code=401. That reintroduces the same class of browser-level auth handling this change is trying to avoid: embedded\/mobile browsers and some clients may treat any raw 401 as an authentication [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7992,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/posts\/7995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7995"}],"version-history":[{"count":0,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/posts\/7995\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=\/wp\/v2\/media\/7992"}],"wp:attachment":[{"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/x0ct.com\/ai\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}