Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if

available
2010-10-25 11:52:17 -07:00 · 2010-10-25 11:52:17 -07:00 · 3954ab39ae
commit 3954ab39ae
parent 82c280979d
1 changed files with 11 additions and 1 deletions
--- a/lib/util.php
+++ b/lib/util.php
@ -1080,7 +1080,17 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad

 function common_is_sensitive($action)
 {
-    static $sensitive = array('login', 'register', 'passwordsettings', 'api');
+    static $sensitive = array(
+        'login',
+        'register',
+        'passwordsettings',
+        'api',
+        'ApiOauthRequestToken',
+        'ApiOauthAccessToken',
+        'ApiOauthAuthorize',
+        'showapplication',
+        'editapplication'
+    );
    $ssl = null;

    if (Event::handle('SensitiveAction', array($action, &$ssl))) {