[wp-trac] [WordPress Trac] #46296: Posts set to 'private' and password protected should return a 403 HTTP header status
WordPress Trac
noreply at wordpress.org
Sun Jul 9 19:48:12 UTC 2023
#46296: Posts set to 'private' and password protected should return a 403 HTTP
header status
-------------------------------+------------------------------
Reporter: jonoaldersonwp | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Posts, Post Types | Version:
Severity: minor | Resolution:
Keywords: seo | Focuses:
-------------------------------+------------------------------
Comment (by Presskopp):
@jonoaldersonwp what do you say to
I disagree with this specifically - privately published posts should not
be "known" to anybody who shouldn't have access. Returning a 403 instead
of 404 would make it known.
by @helen (https://core.trac.wordpress.org/ticket/29829#comment:2)
and
Private is not meant to be "you need an account" private. It is meant to
be "it doesn't exist" private. Let's not tip our hats with a 403.
by @nacin (https://core.trac.wordpress.org/ticket/23407#comment:4)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46296#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list