| Index: chrome/browser/ui/sync/one_click_signin_helper.cc
|
| diff --git a/chrome/browser/ui/sync/one_click_signin_helper.cc b/chrome/browser/ui/sync/one_click_signin_helper.cc
|
| index f0b8cedcfaa28bea1706fd0a45be47f6f23522ab..c119957ee7b8baf7f5897e78f78a63a4d75510fa 100644
|
| --- a/chrome/browser/ui/sync/one_click_signin_helper.cc
|
| +++ b/chrome/browser/ui/sync/one_click_signin_helper.cc
|
| @@ -55,6 +55,7 @@
|
| #include "chrome/common/url_constants.h"
|
| #include "content/public/browser/browser_thread.h"
|
| #include "content/public/browser/page_navigator.h"
|
| +#include "content/public/browser/render_process_host.h"
|
| #include "content/public/browser/web_contents.h"
|
| #include "content/public/browser/web_contents_view.h"
|
| #include "content/public/common/frame_navigate_params.h"
|
| @@ -553,6 +554,14 @@ bool OneClickSigninHelper::CanOffer(content::WebContents* web_contents,
|
| if (!manager)
|
| return false;
|
|
|
| + if (!manager->IsSigninProcess(
|
| + web_contents->GetRenderProcessHost()->GetID())) {
|
| + // We only allow the dedicated signin process to sign the user into
|
| + // Chrome without intervention, because it doesn't load any untrusted
|
| + // pages.
|
| + return false;
|
| + }
|
| +
|
| // If the signin manager already has an authenticated name, then this is a
|
| // re-auth scenario. Make sure the email just signed in corresponds to the
|
| // the one sign in manager expects.
|
|
|
Chromium Code Reviews
Issue 12374007:
signin: force web signin flow initiated visits to accounts.google.com to their own process. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src