fixed in HTTP built-in to force authentication (when enabled) always, even on non-existing pages

Changes

@@ -39,6 +39,9 @@
   	(thanks to Sander Bos for pointing this out)
 - Fixed in 'zfs.pm' the way how is collected pool's data.
 	(thanks to Derek Dongray, derek AT valedon.co.uk)
+- Fixed in HTTP built-in to force authentication (when enabled) always, even on
+  non-existing pages.
+  	(thanks to Sander Bos for pointing this out)
 
 
 3.10.0 - 25-Sep-2017

lib/HTTPServer.pm

@@ -241,7 +241,6 @@ sub handle_request {
 		}
 	}
 
-	if(scalar(@data)) {
 	if($auth eq "y") {
 		if(http_header("401", $mimetype)) {
 			print("<!DOCTYPE html '-//W3C//DTD HTML 4.01 Final//EN'>\r\n");
@@ -260,6 +259,8 @@ sub handle_request {
 			exit(0);
 		}
 	}
+
+	if(scalar(@data)) {
 		http_header("200", $mimetype);
 		foreach(@data) {
 			print $_;