Use 403 instead of 200 response
A forbidden should throw a 403 and this makes it easier for me to do some automated testing.
Please register or sign in to comment
A forbidden should throw a 403 and this makes it easier for me to do some automated testing.