Issue metadata
Sign in to add a comment
|
Can't switch accounts on Google Docs due to new security restrictions |
||||||||||||||||||||
Issue descriptionChrome Version: 62.0.3165.0 (Official Build) canary (64-bit) OS: macOS (certainly happening with all however) What steps will reproduce the problem? (1) Go to the following document which is hosted in the chromium.org domain, with a browser that's principally logged in to @google.com and secondarily logged in to @chromium.org: https://docs.google.com/a/chromium.org/spreadsheets/d/18x9PGMlfgWcBr4fDz2SEEtIwTpSjcBFT2Puib47ZF1w/edit?disco=AAAABNdXgXw&usp=todo_email_discussion&ts=5976896f (2) Document will be comment-only. (3) Click "Sign In" in the upper-right. (4) @google.com account will be logged in. (5) Click account name and select secondary account (@chromium.org). (6) Document will be reopened in a new tab which once again says "Sign in" with the following error in the console: Refused to display 'https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/sharing/init?id%3D18x9PGMlfgWcBr4fDz2SEEtIwTpSjcBFT2Puib47ZF1w%26foreignService%3Dritz%26gaiaService%3Dwise%26shareService%3Dritz%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Den%26authuser%3D1%26rand%3D1500956046932&followup=https://docs.google.com/sharing/init?id%3D18x9PGMlfgWcBr4fDz2SEEtIwTpSjcBFT2Puib47ZF1w%26foreignService%3Dritz%26gaiaService%3Dwise%26shareService%3Dritz%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Den%26authuser%3D1%26rand%3D1500956046932&hl=en&authuser=1' in a frame because it set 'X-Frame-Options' to 'deny'. What is the expected result? Expect to view the document via my @chromium.org account. What happens instead? Can't view the document via my @chromium.org account. The workaround is to open it in an Incognito tab and log in afresh from there. I don't remember when this regressed but have noticed it for at least a few weeks. I thought it might be a transient thing but it's still broken. From my standpoint this is a major regression in multi-login. Marking M-62, ReleaseBlock-Stable so this gets attention.
,
Jul 26 2017
battre@: I think this is a bug related to multi-login in the content area due to the way Drive works (and maybe some other bug in Blink). I do not think this is related to the Chrome sign-in code. kbr@chromium.org: Could you test this in a different browser? Does this work on Safari / IE or Edge for example?
,
Jul 26 2017
Yes, it works in Safari Version 10.1.1 (12603.2.4). I set things up there so that both my @google.com and @chromium.org accounts were added to Drive, with the @google.com one logged in first so that it's the primary. Pasting the link to the spreadsheet above correctly and immediately takes me to the spreadsheet authenticated with my @chromium.org account. (The spreadsheet's URL explicitly references the chromium.org organization.) Doing the same in Chrome does a couple of redirects (Safari might be doing this too, I can't easily tell) and then offers me the "SIGN IN" text at the top right. Clicking it authenticates to @google.com, and I can't switch to @chromium.org.
,
Jul 26 2017
I just followed the repro steps, and in steps (1)-(2), when I open the spreadsheet, it opens signed into my @chromium.org account already (which sounds like the behavior you're observing in Safari). So I'm unable to repro this issue. It sounds like an issue with multi-login to me (as opposed to an issue with Chrome), but I'm not 100% sure. +Lucia -- who would be a good engineering POC on the multi-login team that could help us diagnose this issue?
,
Jul 26 2017
Marking this as ExternalDependency for now, on b/64078233.
,
Jul 26 2017
Reducing priority for now as well and removing RBS, until we determine that this is in fact a client-side bug.
,
Jul 26 2017
Thanks for triaging this. Could certainly be something wrong with my cookies, but things clearly should not get stuck in a broken state. Have provided information on b/64078233 .
,
Nov 10 2017
,
Dec 1 2017
I second this issue, version (64.0.3278.0 (Official Build) dev (64-bit)) on Linux Console output: [14274:14274:1201/092118.226644:ERROR:CONSOLE(0)] "Refused to display 'https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://notifications.google.com/u/0/widget?sourceid%3D243%26hl%3Den%26origin%3Dchrome-search://local-ntp%26uc%3D1%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.gapi.en.xcOUrevACUU.O/m%253D__features__/am%253DAAE/rt%253Dj/d%253D1/rs%253DAHpOoo_8YI-e6bhRV8OwDIX8yxw8HcW4bg&followup=https://notifications.google.com/u/0/widget?sourceid%3D243%26hl%3Den%26origin%3Dchrome-search://local-ntp%26uc%3D1%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.gapi.en.xcOUrevACUU.O/m%253D__features__/am%253DAAE/rt%253Dj/d%253D1/rs%253DAHpOoo_8YI-e6bhRV8OwDIX8yxw8HcW4bg&hl=en#pid=243&_methods=onError%2ConInfo%2ChideNotificationWidget%2CpostSharedMessage%2Creauth%2CsetNotificationWidgetHeight%2CsetNotificationWidgetSize%2CswitchTo%2CnavigateTo%2CsetNotificationText%2CsetNotificationAnimation%2CgetNotificationText%2CvalidateUser%2C_ready&id=I0_1512116478033&_gfid=I0_1512116478033&parent=chrome-search%3A%2F%2Flocal-ntp&pfname=&rpctoken=35091609' in a frame because it set 'X-Frame-Options' to 'deny'.", source: chrome-search://local-ntp/local-ntp.html (0) Please notice that the account switcher should show up on source "chrome-search://local-ntp/local-ntp.html" which is really curious
,
Feb 18 2018
|
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by battre@chromium.org
, Jul 26 2017