Re: Google will block sign-ins from CEF browsers in June 2019
Posted: Thu May 16, 2019 10:27 am
The CEF project maintainer posted a deprecation schedule and some more information.
https://magpcss.org/ceforum/viewtopic.php?f=10&t=16764
[2] https://groups.google.com/a/chromium.or ... j1v_cqBgAJ
[3] http://www.appauth.io/
https://magpcss.org/ceforum/viewtopic.php?f=10&t=16764
[1] https://security.googleblog.com/2019/04 ... +Blog)&m=1Hi All,
Google will begin blocking sign-in from CEF-based embedded web views (announced here[1] and initially discussed here[2]) on the following proposed schedule:Google has requested feedback on this schedule. You can post your feedback here[3], or reach out to Jonathan Skelker directly.
- June 2019: block all obvious automation.
- Aug 2019: block all new app from signing in using CEF.
- Jan 2020: block existing app from signing in using CEF.
What apps will be impacted?
This will impact any apps that sign in to Google services directly instead of using the recommended OAuth flow. Google has a resource here that can help with OAuth authentication using the system browser.
What apps will not be impacted?
This should not impact apps that are themselves genuine system browser apps (e.g. apps that are intended to replace the default system browser). If you are the author of a system browser app and have upfront concerns please reach out to Jonathan Skelker directly.
[2] https://groups.google.com/a/chromium.or ... j1v_cqBgAJ
[3] http://www.appauth.io/