From c0c48e0efd596937d14d9c65ffe32552b98d541c Mon Sep 17 00:00:00 2001
From: Dave Collins <davec@conformal.com>
Date: Thu, 19 Feb 2015 20:51:51 -0600
Subject: [PATCH] Improve a couple of JSON-RPC server err conditions.

- When invalid HTTP Basic Access Authentication details are provided to
  the websocket endpoint, return a WWW-Authenticate header just like the
  non-websocket endpoint
- When a connection to the websocket endpoint fails to properly upgrade,
  return a 400 Bad Request HTTP error status code
---
 rpcserver.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/rpcserver.go b/rpcserver.go
index f69ecb78c..11c8964b2 100644
--- a/rpcserver.go
+++ b/rpcserver.go
@@ -3286,7 +3286,7 @@ func (s *rpcServer) Start() {
 	rpcServeMux.HandleFunc("/ws", func(w http.ResponseWriter, r *http.Request) {
 		authenticated, err := s.checkAuth(r, false)
 		if err != nil {
-			http.Error(w, "401 Unauthorized.", http.StatusUnauthorized)
+			jsonAuthFail(w)
 			return
 		}
 
@@ -3298,6 +3298,7 @@ func (s *rpcServer) Start() {
 				rpcsLog.Errorf("Unexpected websocket error: %v",
 					err)
 			}
+			http.Error(w, "400 Bad Request.", http.StatusBadRequest)
 			return
 		}
 		s.WebsocketHandler(ws, r.RemoteAddr, authenticated)