Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
when requesting an private id, the permalink is revealed #723
about the response code that's not that easy since each type of user users (legitimate ones, administrators, webmaster, uploaders and the ones who really shouldn't get the content) have reasons to know that an album they are trying to reach is forbidden. We could add a local config to change to a 404 but I think a gallery willing to have such a level a privacy would just make a custom plugin to tweak that and numerous other details.
However, what is wrong -and is the goal of the current ticket- is disclosing the permalink which contains an info about the potential content.