Sometimes, it is too easy to modify dangerous settings by accident. I heard of numerous issues where oC admins broke their instance by unintentionally clicking in the LDAP settings.
Here is my proposal for improvement:
I also think we should have 'OK' or 'Apply' buttons.
The current behaviour is more messy to implement for developers and as you said potentially dangerous.
Also you might have been kicked out of your internet connection and then don't know if you did a setting
0voters
Choose up to 2 options
Also an issue with the external storage configuration, especially that it saves and creates storage entries before you finished typing if you happen to take a break while typing in a path...
External storage issue: https://github.com/owncloud/core/issues/22479
I may be oldfashioned, but I expect an explicit OK or APPLY button, and maybe a 'You have unsaved changes' warning, when leaving without APPLY. These are admin settings. They do not need to follow any modern 'click in empty space to save' ideas, IMHO. 
Please also vote if you don't care, so we don't have results like in totalitarian states
The issue goes throughout however, there are also settings a user has to do, like passwords. Of course then there are things like the sharing action where I would not want to press apply. Or when a user is added to a group. IMHO we need consistency throughout and logic when which behaviour exists and why.
I would be for a ok or apply button, too.
Please! please!please! a confirmation bottom would be great
Additionally if there are some changes in the expert tab should be a reminding that says:
"Making changes in the expert tab in production system will be create big problems that can't be repaired later"
(Or similar) 
+1000
All dangerous actions that can not be undo should have a cleaner UI, confirmation button, alerts..
As Delete a file, just below the download button.. really easy to delete the file instead.
We have a wonderful trash-bin for recovery most of them, but if you delete a file that was shared with you.. 
we will lose access to it
Related undo actions https://github.com/owncloud/core/issues/26296
We could go ever further and implement different stages of severity where confirming changes will require more action on the changers side.
A simple Save (changes) button accepts changes.
e.g. Change "Full Name" in personal settings
= 1 click
Clicking the Save (changes) button triggers a confirmation window/overlay with an yes or no option.
= 2 clicks
Clicking the Save (changes) button triggers a confirmation window/overlay, reminding you of the consequences of your action and requiring you to input a word (lets say confirm) into a field and clicking yes again.
= 2 clicks + 1 txt input
These the leves can be used all around OC and even extended if needed. A simple DATA Tag added to the save button could do the trick. (e.g. data-conf-level="1") and would require no further implementation on the dev. side.
Take a quick look @ LDAP Gui Save Button Proposal Mockup
We should keep the smart button idea in mind tho!
No need to make it this complicated. Keep it simple.
