[thelist] 403 or 404?
jenny w
veganjenny at gmail.com
Wed Jun 6 13:27:28 CDT 2007
I'm wondering how a 404 or a 403 would be helpful ... Is the logging
reason the main one? You could still get the logging information in
your application log while reporting a 200 OK or using a 3xx redirect.
FYI, there's no difference between a 404 from a Web server
I'm not sure how the "security through obscurity" argument is helpful.
Trying to apply it in this case is a broad interpretation of the
phrase. Following that logic, these would also be examples of security
through obscurity:
* A firewall config that drops unauthorized packets instead of rejects them.
* Hiding your passwords in shadow instead of passwd.
More information about the thelist
mailing list