Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-17078

Invisible forums should be more concealed

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • 3.3.9
    • None

      When an user tries to access to a non-existent forum or topic, he or she gets one of these messages : "The forum you selected does not exist." or "The requested topic does not exist."

       

      If he or she tries to access to a private forum or topic, he or she gets one of these messages : "You are not authorised to read this forum." or "You are not authorised to read this forum.". Regardless the visibility of the private area.

       

      My opinion is the message should be different if the private forum is also not visible to unauthorised users (when the permission "Can see forum" is disabled). If the forum is not visible, we can assume administators want unauthorised users don't know its existence. Therefore, the error messages for the unauthorized access should be the same those for non-existent forum or topic, and the HTTP header for the output page should be 404 instead of 403.

            Unassigned Unassigned
            Big Monstro Big Monstro
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: