WIP: Update OAuth web template (!1048) · Merge requests · Pleroma / pleroma

feld requested to merge feld/pleroma:update-oauth-template into develop Apr 11, 2019

This backports changes made by @shpuld

After behavior analysis of apps with reduced permissions and comparison with Mastodon's behavior I believe we should not allow users to alter the OAuth scopes requested by apps. Apps should be expected to only request the scopes that they need, and if an app is requesting more permissions than you are willing to grant you should not use that app.

Edited Apr 11, 2019 by feld

WIP: Update OAuth web template

Merge request reports