Comment 1 for bug 396998

Throwing "Denied" instead of "not found" for a mis-pasted url isn't very helpful to the pasting user.

However throwing "Denied" for every share address not specifically allowed for the user making the connection does prevent scanning for valid share IDs by an attacker, or at least make it much more difficult.

Perhaps our 500 template could be revised to suggest that mis-copied addresses could be one reason for the failed request?