Code review comment for lp:~beuno/loggerhead/serve-config

Matt Nordhoff (mnordhoff) wrote :

> > What about using 403 Forbidden for hidden
> > branches instead of 404 Not Found? Obviously it'd reveal their existence,
> > but it's also more true to a setting named "serve_http = False". Sort of.
> > Maybe. :D
>
> I've noted that some servers go the other way, and pitch a 403 for requests to
> non-existent branches as well. This is either "more secure" or "of dubious
> helpfulness", depending on your point of view.

For truly non-existent branches, I vote 404.

For hidden branches, IMO 403 is correct, but I can accept 404 for the privacy aspect.

Anyway, what do you want to do here? I'm okay either way. :)
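
The trade-off discussed in this comment, as an added example that is not part of the original comment and is not loggerhead's code: a small WSGI app that answers hidden branches with either status, plus a check of whether a client can tell a hidden branch from a non-existent one. The branch table, `make_app`, `fetch` and `leaks_existence` are hypothetical names; only the `serve_http` setting comes from the discussion.

```python
from wsgiref.util import setup_testing_defaults

# Constructed sample data: one served branch, one with serve_http = False.
BRANCHES = {
    "/public": {"serve_http": True},
    "/secret": {"serve_http": False},
}

def make_app(hidden_status):
    """Build a WSGI app; hidden_status is '403 Forbidden' or '404 Not Found'."""
    def app(environ, start_response):
        conf = BRANCHES.get(environ.get("PATH_INFO", ""))
        if conf is None:
            status, body = "404 Not Found", b"Not Found\n"
        elif not conf["serve_http"]:
            status = hidden_status
            # When hiding with 404, reuse the exact body of a real 404 so the
            # two responses are identical, not merely the status line.
            body = b"Not Found\n" if status.startswith("404") else b"Forbidden\n"
        else:
            status, body = "200 OK", b"branch listing\n"
        headers = [("Content-Type", "text/plain"),
                   ("Content-Length", str(len(body)))]
        start_response(status, headers)
        return [body]
    return app

def fetch(app, path):
    """Call the app in-process and return (status, headers, body)."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    captured = {}
    def start_response(status, headers, exc_info=None):
        captured["status"], captured["headers"] = status, headers
    body = b"".join(app(environ, start_response))
    return captured["status"], captured["headers"], body

def leaks_existence(app, hidden_path, missing_path):
    """True if the hidden and the non-existent branch get different responses."""
    return fetch(app, hidden_path) != fetch(app, missing_path)
```
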
