Deleted Threads throw HTTP 403

rellek

Well-known member
Soft deleted threads throw HTTP 403 and bring you to the login mask. It would make way more sense if a soft deleted thread is handled like a hard deleted thread. If you don't have permission to see it anyway, it should pretend to not exist. So it should throw HTTP 404 and should not bring the login mask but should tell the user that the ID doesnt exist.
 
Upvote 7
This is more of a suggestion. All of our permission-based checks can throw something like that so it's not necessarily an easy change.
 
rellek, could you not redirect 403 server errors to a custom program (error403.php for example) that could check the URI and if it points to a thread or post, have it redirect to a page telling them the thread was not found? On all other 403 errors, you could handle it like you normally would.

-Zeras
 
Zeras,
I don't know if that is possible as XF handles those HTTP codes itself. I think this is only possible if your web server throws such a message because it cannot read a file or you didn't provided your credentials on a htaccess login.
 
Zeras,
I don't know if that is possible as XF handles those HTTP codes itself. I think this is only possible if your web server throws such a message because it cannot read a file or you didn't provided your credentials on a htaccess login.
True .. I was assuming that the 403 errors were displayed by the server, but it makes more sense that XF is throwing the errors.

-Zeras
 
Top Bottom