404 for hidden files to not revleal their existence.

12 years ago · 0c794b5d2c
parent 7ab69652ea
commit 0c794b5d2c
1 changed files with 1 additions and 1 deletions
--- a/IPython/html/base/handlers.py
+++ b/IPython/html/base/handlers.py
@ -266,7 +266,7 @@ class AuthenticatedFileHandler(IPythonHandler, web.StaticFileHandler):
        abs_path = super(AuthenticatedFileHandler, self).validate_absolute_path(root, absolute_path)
        abs_root = os.path.abspath(root)
        if is_hidden(abs_root, abs_path):
-            raise web.HTTPError(403)
+            raise web.HTTPError(404)
        return abs_path