-
Suggestion
-
Resolution: Won't Fix
-
None
Related to CONF-7073, this is what an unauthorized message is for. Users should be given the option to choose the behavior since Atlassian is straying from the normal behavior of the web when a user doesn't have access (by returning a 404).
Its bizarre to default an invalid permission issue to a false 404 message.
In our instance we a have reverse proxy which handles error messages for us, and this invalid error message confuses everything and everybody.
- relates to
-
CONFSERVER-9239 "Page not found" (404) is displayed to users without view permissions, should be "Access denied"
- Closed