From 3954ab39ae068a98f6b25720981a3505f27cd271 Mon Sep 17 00:00:00 2001
From: Zach Copley <zach@status.net>
Date: Mon, 25 Oct 2010 11:52:17 -0700
Subject: Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL
 if available

---
 lib/util.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/util.php b/lib/util.php
index 86380af28..d1c084e2e 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -1080,7 +1080,17 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
 
 function common_is_sensitive($action)
 {
-    static $sensitive = array('login', 'register', 'passwordsettings', 'api');
+    static $sensitive = array(
+        'login',
+        'register',
+        'passwordsettings',
+        'api',
+        'ApiOauthRequestToken',
+        'ApiOauthAccessToken',
+        'ApiOauthAuthorize',
+        'showapplication',
+        'editapplication'
+    );
     $ssl = null;
 
     if (Event::handle('SensitiveAction', array($action, &$ssl))) {
-- 
cgit v1.2.3