[wp-trac] [WordPress Trac] #23407: http 403 should be returned for private content
WordPress Trac
noreply at wordpress.org
Thu Feb 7 09:18:40 UTC 2013
#23407: http 403 should be returned for private content
--------------------------+------------------------------
Reporter: mark-k | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.4
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Comment (by mark-k):
Replying to [comment:2 TobiasBg]:
> Both the 403 and the redirect would reveal that there is private content
at that URL, which might not be the desired behavior.
I see where you coming from but I disagree. No one just scans addresses in
a hope that he will discover by pure chance that at address X there is a
content he can't even guess anything about. I assume that most people get
to this kind of URL because they got it in mail or SMS and they know they
are supposed to be able to access the content, but what they see is a "no
content here" page.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23407#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list