Returning a 401 for restricted GET requests

[darsee]

seneca-auth currently only returns a 401 for restricted requests that have a 'content-type' header which starts with 'application/json;'

I'd like to get a 401 response from GET requests sent by angular's $http service, but these don't include a content-type header (and it seems that the convention is to not include this header with GET requests in general).

Headers can be manually specified for requests:

$http.get('url', {headers: 'content-type': 'application/json'})

but angular actually strips out the content-type header if no data is included with the request see line 6633 :anguished:.

As a workaround, I'm using the longhand syntax for GET requests and including an empty data parameter:

$http({method: 'GET', url: 'url', data: '', headers: {'content-type': 'application/json'}})

or to achieve the same thing for all GET requests:

app.config(function ($httpProvider) {
  $httpProvider.defaults.headers.get = $httpProvider.defaults.headers.get || {};
  $httpProvider.defaults.headers.get['content-type'] = 'application/json';
});

[AdrieanKhisbe]

$ touch this

would be indeed interesting to have at least that configurable (or at least documented :))