From 681c95a74986af2820c62092cf1c2a5d93c1d46a Mon Sep 17 00:00:00 2001
From: Stavros Korokithakis
Date: Sun, 7 Aug 2016 16:50:36 +0300
Subject: [PATCH] Add default "Restricted" realm to HTTP Basic auth (#1007)
* Add default "Restricted" realm to HTTP Basic auth
* Add tests for the Basic auth realm
---
 caddyhttp/basicauth/basicauth.go | 2 +-
 caddyhttp/basicauth/basicauth_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/caddyhttp/basicauth/basicauth.go b/caddyhttp/basicauth/basicauth.go
index d9cce8551..c8b6075f5 100644
--- a/caddyhttp/basicauth/basicauth.go
+++ b/caddyhttp/basicauth/basicauth.go
@@ -61,7 +61,7 @@ func (a BasicAuth) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error
 if hasAuth {
 if !isAuthenticated {
- w.Header().Set("WWW-Authenticate", "Basic")
+ w.Header().Set("WWW-Authenticate", "Basic realm=\"Restricted\"")
 return http.StatusUnauthorized, nil
 }
 // "It's an older code, sir, but it checks out. I was about to clear them."
diff --git a/caddyhttp/basicauth/basicauth_test.go b/caddyhttp/basicauth/basicauth_test.go
index 182feabf9..d0a66a89c 100644
--- a/caddyhttp/basicauth/basicauth_test.go
+++ b/caddyhttp/basicauth/basicauth_test.go
@@ -52,7 +52,7 @@ func TestBasicAuth(t *testing.T) {
 if result == http.StatusUnauthorized {
 headers := rec.Header()
 if val, ok := headers["Www-Authenticate"]; ok {
- if val[0] != "Basic" {
+ if val[0] != "Basic realm=\"Restricted\"" {
 t.Errorf("Test %d, Www-Authenticate should be %s provided %s", i, "Basic", val[0])
 }
 } else {
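Review bot: The realm in the new `WWW-Authenticate` value in ServeHTTP (basicauth.go hunk) is a fixed literal, so every BasicAuth rule served by this handler announces the same protection space. Clients scope cached Basic credentials by realm within an origin (RFC 7617), so if separate rules can carry different credentials, a browser may offer one rule's credentials to another path; whether that can happen depends on rule configuration that is outside this hunk. Consider taking the realm from the rule and falling back to the default, and in any case name the literal, e.g. `const defaultRealm = "Restricted"`, with a comment such as `// defaultRealm is sent in the Basic challenge; clients scope cached credentials by realm.` ServeHTTP starts and ends outside the hunk.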
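Review bot: The failure message in TestBasicAuth (basicauth_test.go hunk) still passes `"Basic"` as the expected value, although the comparison above it now checks for `Basic realm="Restricted"`. A regression in the challenge header would therefore be reported with the wrong expectation. Hoist the expected string into one local and use it in both places, e.g. `want := "Basic realm=\"Restricted\""`, then `if val[0] != want {` and `t.Errorf("Test %d, Www-Authenticate should be %s provided %s", i, want, val[0])`. The test function starts and continues outside the hunk.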