I've found 1 more change, I guess I forgot about it earlier.
Basically, /oauth and /oauth/authorize actions do not need to support json extension. Actually, /oauth/authorize.json might even leak some sensitive data (if not careful), so I think that it is better to disable it completely.
I've found 1 more change, I guess I forgot about it earlier.
Basically, /oauth and /oauth/authorize actions do not need to support json extension. Actually, /oauth/authorize.json might even leak some sensitive data (if not careful), so I think that it is better to disable it completely.