apache / couchdb

Seamless multi-master syncing database with an intuitive HTTP/JSON API, designed for reliability
https://couchdb.apache.org/
Apache License 2.0
6.17k stars, 1.03k forks

Basic Authentication for `_utils` does not work if `require_valid_user_except_for_up` is set #5186

Open hpop opened 4 weeks ago

hpop commented 4 weeks ago

Description

When setting `require_valid_user_except_for_up` instead of `require_valid_user` in the CouchDB configuration, the system does not prompt for username and password when accessing the `_utils` endpoint. Instead, a 401 is returned: `{"error":"unauthorized","reason":"Authentication required."}`

When changing the configuration back to `require_valid_user`, the basic authentication prompt appears as expected.

Steps to Reproduce

  1. Set `require_valid_user_except_for_up = true` in `local.ini`.
  2. Restart CouchDB to apply the configuration change.
  3. Attempt to access the `_utils` endpoint (e.g., `http://localhost:5984/_utils`).

Expected Behaviour

The `_utils` endpoint should prompt for authentication.

Your Environment

{
  "couchdb": "Welcome",
  "version": "3.3.3",
  "git_sha": "40afbcfc7",
  "uuid": "3a7f2e8d1c9b4f6e0d5a2c8b7f3e1d9a",
  "features": [
    "access-ready",
    "partitioned",
    "pluggable-storage-engines",
    "reshard",
    "scheduler"
  ],
  "vendor": {
    "name": "The Apache Software Foundation"
  }
}

local.ini

[couchdb]
single_node=true
uuid = 3a7f2e8d1c9b4f6e0d5a2c8b7f3e1d9a

[chttpd]
require_valid_user_except_for_up = true
bind_address = any
authentication_handlers = {chttpd_auth, jwt_authentication_handler}, {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
enable_cors = true

[jwt_keys]
....

[jwt_auth]
roles_claim_path = cognito:groups

[couch_peruser]
enable = true

[admins]
admin = -pbkdf2-...

[cors]
origins = *
headers = accept, authorization, content-type, origin, referer
credentials = true
methods = GET, PUT, POST, HEAD, DELETE

hpop commented 4 weeks ago

After writing this, I discovered that the issue seems to be resolved when both `require_valid_user` and `require_valid_user_except_for_up` are set to true.

If this is the intended behavior, the documentation may be misleading.
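The behaviour reported above comes down to one HTTP rule: a browser only opens the Basic-auth dialog when a 401 response carries a `WWW-Authenticate: Basic ...` challenge (RFC 7235). A 401 without that header is still a denial, just a silent one, so the difference the reporter sees is a usability problem for Fauxton, not an authentication bypass. The script below, an added example that is neither CouchDB's code nor the reporter's, classifies a response the way a browser would and runs it over three constructed responses that mirror the report (401 with challenge, 401 without challenge, and a 200 from the exempt `_up` endpoint); the `probe()` helper is a hypothetical convenience for running the same check against a live node and is not exercised offline.

```python
"""Classify a CouchDB 401 the way a browser would.

Added example, not CouchDB or reporter code. The sample responses are
constructed to match the issue text; which settings produce which headers
is taken from the report, not re-verified against CouchDB's source here.
"""
import json
import urllib.error
import urllib.request
from typing import Dict, Tuple


def classify(status: int, headers: Dict[str, str], body: bytes) -> dict:
    """Report whether the request was denied and whether a browser would prompt.

    Header names are matched case-insensitively; a 401 counts as "prompting"
    only if it carries a WWW-Authenticate challenge using the Basic scheme.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    challenge = lower.get("www-authenticate", "")
    try:
        err = json.loads(body or b"{}")
    except ValueError:
        err = {}
    if not isinstance(err, dict):
        err = {}
    return {
        "denied": status == 401,
        "browser_prompts": status == 401 and challenge.lower().startswith("basic"),
        "reason": err.get("reason"),
    }


def probe(url: str, timeout: float = 5.0) -> dict:
    """Hypothetical helper: fetch `url` without credentials and classify it.

    Not run offline; point it at e.g. http://localhost:5984/_utils/ on a
    node configured as in the report to see the same result as the samples.
    """
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify(resp.status, dict(resp.headers), resp.read())
    except urllib.error.HTTPError as e:
        return classify(e.code, dict(e.headers), e.read())


# Constructed sample responses (not captured from a real server).
Response = Tuple[int, Dict[str, str], bytes]
SAMPLES: Dict[str, Response] = {
    # require_valid_user = true: the 401 carries a Basic challenge, so the
    # browser shows the credentials dialog.
    "require_valid_user": (
        401,
        {"Content-Type": "application/json",
         "WWW-Authenticate": 'Basic realm="server"'},
        b'{"error":"unauthorized","reason":"Authentication required."}',
    ),
    # require_valid_user_except_for_up = true only: same body, no challenge,
    # so the browser just renders the JSON error (the reported behaviour).
    "except_for_up_only": (
        401,
        {"Content-Type": "application/json"},
        b'{"error":"unauthorized","reason":"Authentication required."}',
    ),
    # /_up is exempt under the except_for_up setting and answers 200.
    "_up": (200, {"Content-Type": "application/json"}, b'{"status":"ok"}'),
}


def check_samples() -> Dict[str, dict]:
    """Classify every constructed sample; used by the demo and the tests."""
    return {name: classify(*resp) for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in check_samples().items():
        print(f"{name:20} denied={result['denied']!s:5} "
              f"browser_prompts={result['browser_prompts']}")
```

When triaging a report like this, run the check with `Accept: application/json` as above and separately with a browser-style `Accept: text/html`, since CouchDB's unauthenticated handling can differ by content type. The CouchDB configuration reference also documents a `WWW-Authenticate` option under `[chttpd]` for forcing the Basic challenge on unauthorized responses, which is the setting to try if the goal is just to get the popup back without enabling `require_valid_user` globally.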