Currently (as of version 1.18.3) if one tries to view a private repo without proper access (eg. not logged in), Gitea will response with 404 code, which semantically should be 401 or 403. I understand this might due to security reasons, but it is possible to change Gitea’s behaviour to response 401 if the origin is trusted (like the request is from a trusted IP range), while remain the 404 response to the general internet?
1 Like