aboutsummaryrefslogtreecommitdiff
path: root/lib/pleroma/web/twitter_api
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pleroma/web/twitter_api')
-rw-r--r--lib/pleroma/web/twitter_api/controllers/util_controller.ex6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
index ef43f7682..a4e44efdd 100644
--- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex
+++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
@@ -123,8 +123,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
end
end
- def delete_account(%{assigns: %{user: user}} = conn, params) do
- password = params[:password] || ""
+ def delete_account(%{assigns: %{user: user}, body_params: body_params} = conn, params) do
+ # This endpoint can accept a query param or JSON body for backwards-compatibility.
+ # Submitting a JSON body is recommended, so passwords don't end up in server logs.
+ password = body_params[:password] || params[:password] || ""
case CommonAPI.Utils.confirm_current_password(user, password) do
{:ok, user} ->
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-29 16:41:32 +0000