Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if

author Zach Copley <zach@status.net>

Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)

committer Zach Copley <zach@status.net>

Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)
author Zach Copley <zach@status.net>
Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)
committer Zach Copley <zach@status.net>
Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)
diff --git a/lib/util.php b/lib/util.php

index 86380af281712ae77c1208cc0d4b3639e75985d3..d1c084e2e7fb7f0a465351d409a01a66a1b9a56e 100644 (file)
--- a/lib/util.php
+++ b/lib/util.php
@@ -1080,7 +1080,17 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
  
  function common_is_sensitive($action)
  {
-    static $sensitive = array('login', 'register', 'passwordsettings', 'api');
+    static $sensitive = array(
+        'login',
+        'register',
+        'passwordsettings',
+        'api',
+        'ApiOauthRequestToken',
+        'ApiOauthAccessToken',
+        'ApiOauthAuthorize',
+        'showapplication',
+        'editapplication'
+    );
      $ssl = null;
  
      if (Event::handle('SensitiveAction', array($action, &$ssl))) {
author	Zach Copley <zach@status.net>
	Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)
committer	Zach Copley <zach@status.net>
	Mon, 25 Oct 2010 18:52:17 +0000 (11:52 -0700)