diff --git a/.gitattributes b/.gitattributes
index dfaba790..f69293f5 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1,3 @@
 share/public/javascripts/*.min.js binary
 share/public/css/*.min.css binary
+share/public/swagger-ui/* binary
diff --git a/lib/App/Netdisco/Web/AuthN.pm b/lib/App/Netdisco/Web/AuthN.pm
index 71fc8d05..cc1803a1 100644
--- a/lib/App/Netdisco/Web/AuthN.pm
+++ b/lib/App/Netdisco/Web/AuthN.pm
@@ -210,6 +210,11 @@ get qr{^/(?:login(?:/denied)?)?} => sub {
         return_url => param('return_url'),
       };
     }
+    elsif (defined request->header('X-Requested-With')
+           and request->header('X-Requested-With') eq 'XMLHttpRequest') {
+      status('unauthorized');
+      return '<div class="span2 alert alert-error"><i class="icon-ban-circle"></i> Error: unauthorized.</div>';
+    }
     else {
       template 'index', {
         return_url => param('return_url')