about summary refs log tree commit diff
path: root/config
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2021-04-15 16:28:43 +0200
committerGitHub <noreply@github.com>2021-04-15 16:28:43 +0200
commit3b8d085436fa38aed4d5fa3650e433fc7215b104 (patch)
treed466c4b2957acbe41c1b578b7cf1c86e6774985c /config
parent3d82a1de052ff3cf8698985eb3e8c1cd73c7eedd (diff)
Fix app name, website and redirect URIs not having a maximum length (#16042)
Fix app scopes not being validated
Diffstat (limited to 'config')
-rw-r--r--config/initializers/doorkeeper.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 63cff7c59..f78db8653 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -52,6 +52,11 @@ Doorkeeper.configure do
   # Issue access tokens with refresh token (disabled by default)
   # use_refresh_token
 
+  # Forbids creating/updating applications with arbitrary scopes that are
+  # not in configuration, i.e. `default_scopes` or `optional_scopes`.
+  # (Disabled by default)
+  enforce_configured_scopes
+
   # Provide support for an owner to be assigned to each registered application (disabled by default)
   # Optional parameter :confirmation => true (default false) if you want to enforce ownership of
   # a registered application
generated by cgit-pink (git 2.37.1) at 2024-06-02 14:48:16 +0000