Proposal for handling 403 forbidden
While I was thinking about how to structure some of my access handling code in my web app, I saw that it currently is impossible to return a 403 code when a user reaches a password protected page. The biggest problem with returning a 403 is the way the browsers show this problem to the user. The user is interrupted with popup asking them for a username and a password....