2 files changed, 7 insertions, 3 deletions

diff --git a/src/api/routes/albums/albumZipGET.js b/src/api/routes/albums/albumZipGET.js
index b2c9fa7..d1d3e16 100644
--- a/src/api/routes/albums/albumZipGET.js
+++ b/src/api/routes/albums/albumZipGET.js
@@ -17,9 +17,13 @@ class albumGET extends Route {
 			Make sure it exists and it's enabled
 		*/
 		const link = await db.table('links')
-			.where({ identifier, enabled: true })
+			.where({
+				identifier,
+				enabled: true,
+				enableDownload: true
+			})
 			.first();
-		if (!link) return res.status(400).json({ message: 'The identifier supplied could not be found' });
+		if (!link) return res.status(400).json({ message: 'The supplied identifier could not be found' });
 
 		/*
 			Same with the album, just to make sure is not a deleted album and a leftover link
diff --git a/src/api/structures/Server.js b/src/api/structures/Server.js
index f8c6ad1..50f6754 100644
--- a/src/api/structures/Server.js
+++ b/src/api/structures/Server.js
@@ -26,7 +26,7 @@ class Server {
 			/*
 				This bypasses the headers.accept for album download, since it's accesed directly through the browser.
 			*/
-			if (req.url.includes('/api/album/') && req.url.includes('/zip') && req.method === 'GET') return next();
+			if ((req.url.includes('/api/album/') || req.url.includes('/zip')) && req.method === 'GET') return next();
 			if (req.headers.accept && req.headers.accept.includes('application/vnd.lolisafe.json')) return next();
 			return res.status(405).json({ message: 'Incorrect `Accept` header provided' });
 		});