...
This applies when eZ XML containts links to content that the current user does not have read access to. If it is diabled disabled (the default) then such links are shown as /content/view/full/[nodeID], and clicking them will lead to an access denied page. If the setting is enabled (not recommended), then the links use the URL alias of the content instead. This means that the name of the read-protected content will be exposed, which may not be what the content creator expects. (Clicking the URL alias will still lead to an access denied page.)
...