Almost nothing within the spec suggests in any other case, and infrequently You can not make use of a 401 in that situation due to the fact returning a 401 is simply authorized in case you incorporate a WWW-Authenticate header. Early hackers were thinking about how they may explore, strengthen, http://pigpgs.com
