DescriptionMerge 237115 "Security fix for untrusted signin confirm dialog"
> Security fix for untrusted signin confirm dialog
>
> When the window associated with the confirm dialog is closed without user clicking 'ok got it', chrome starts sync with default settings. This could be exploited to sign a user's Chrome into an attacker's account, as reported in crbug 321940.
>
> BUG=321940
>
> Review URL: https://codereview.chromium.org/79553004
TBR=guohui@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=238138
Patch Set 1 #
Messages
Total messages: 3 (0 generated)
|