Opened 11 years ago
Last modified 9 years ago
#2485 new defect (bug)
bbp_forum_enforce_hidden() should return 403
Reported by: | wpdennis | Owned by: | johnjamesjacoby |
---|---|---|---|
Milestone: | 2.7 | Priority: | lowest |
Severity: | trivial | Version: | |
Component: | Component - Forums | Keywords: | |
Cc: |
Description
If we use hidden or private forums and the requesting user is not allowed to see them, bbPress returns 404, File Not Found:
if ( !empty( $forum_id ) && bbp_is_forum_hidden( $forum_id ) && !current_user_can( 'read_hidden_forums' ) ) bbp_set_404();
Response code 403 would be more correct:
"A web server may return a 403 Forbidden HTTP status code in response to a request from a client for a web page or resource to indicate that the server can be reached and understood the request, but refuses to take any further action."
It's confusing to see a 404 if you're not logged in and the most sitemaps will contain the internal topics, too. Sending a lot of 404 URLs to search engine isn't a good idea. 403 is not optimal either, but would be a more appropiate.
You're right. Moving to 2.6.