Absolutely nothing during the spec states usually, and often You can not use a 401 in that scenario for the reason that returning a 401 is simply legal when you contain a WWW-Authenticate header. Teach customers and tell them about the latest hacking traits so that they can get ready http://pigpgs.com
