Existence of private projects indicated by error message from unauthenticated access to `/issues/new`
The authentication banner displays the message "Please sign in to create the new issue" when a private projects new issues URI is accessed in an unauthenticated manner.
Impact on it's own is minor, however, when combined with an vulnerability such as !45689, it could be used for targeted private project contents disclosure.
Steps to reproduce
Directly access a private projects
/issues/new URL from a new private browsing window: https://gitlab.com/asaba/dotfiles/issues/new
Any private project.
What is the current bug behavior?
The blue "Please sign in to create the new issue" is shown, indicating the existence of a private project.
What is the expected correct behavior?
The generic red "You must log in to continue" banner should be shown to the user for any attempted unauthenticated access.