signin: force web signin flow initiated visits to accounts.google.com to their own process.

chrome/renderer/chrome_content_renderer_client.cc

Index: chrome/renderer/chrome_content_renderer_client.cc
diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc
index 0a28d0f0c00f5433041fbf7d1d05e903ae5ff555..d4a65fdcc46ea27b0ca7ad04e5ee53bbf6be4f05 100644
--- a/chrome/renderer/chrome_content_renderer_client.cc
+++ b/chrome/renderer/chrome_content_renderer_client.cc
@@ -844,6 +844,17 @@ bool ChromeContentRendererClient::ShouldFork(WebFrame* frame,
   if (http_method != "GET")
     return false;
 
+  // If this is the Signin process, fork all navigations originating from the
+  // renderer.  The destination page will then be bucketed back to this Signin
+  // process if it is a Signin url, or to another process if not.
+  if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSigninProcess)) {
+    // We explicitly do this *after* checking that http_method is not POST,
+    // because we don't want to allow non-signin pages to fork-on-POST to a
+    // signin-related action URL.
+    CHECK_NE(http_method, "POST");
+    return true;
+  }
+
   // If |url| matches one of the prerendered URLs, stop this navigation and try
   // to swap in the prerendered page on the browser process. If the prerendered
   // page no longer exists by the time the OpenURL IPC is handled, a normal