diff --git a/core/modules/rest/lib/Drupal/rest/FileAccessController.php b/core/modules/rest/lib/Drupal/rest/FileAccessController.php
index 178b8bf..b676797 100644
--- a/core/modules/rest/lib/Drupal/rest/FileAccessController.php
+++ b/core/modules/rest/lib/Drupal/rest/FileAccessController.php
@@ -22,7 +22,7 @@ class FileAccessController extends EntityAccessController {
    * {@inheritdoc}
    */
   protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
-    if ($operation == 'view') {
+    if (($operation == 'view') && (file_uri_scheme($entity->getFileUri()) == 'public')) {
       return TRUE;
     }
     else {