The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023

commit 9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023
Author: Mike West <mkwst@chromium.org>
Date: Mon Sep 10 20:57:01 2018

Harden StaticCookiePolicy to treat empty GURLs as third-party.

Bug:  882107 
Change-Id: I380e01b2663a926c9e5eb7d4ac9f3e433dc869e9
Reviewed-on: https://chromium-review.googlesource.com/1213082
Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Ryan Sleevi <rsleevi@chromium.org>
Commit-Queue: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#590055}
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/chrome/browser/net/network_context_configuration_browsertest.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/content/browser/loader/loader_browsertest.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/extensions/browser/api/declarative_webrequest/webrequest_condition_attribute_unittest.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/extensions/browser/api/declarative_webrequest/webrequest_condition_unittest.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/net/base/static_cookie_policy.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/net/base/static_cookie_policy_unittest.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/third_party/blink/renderer/core/exported/web_document_test.cc
[modify] https://crrev.com/9cb9846d1aa3cc68f9d4e7974f5cdc305fb70023/third_party/blink/renderer/core/exported/web_frame_test.cc

This is breaking signin. A lot of requests to Gaia from the browser (signin component) now have their cookies blocked when the user blocked third-party cookies, even though they should be considered first-party.

For example the ListAccounts request, which is created here:
https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_auth_fetcher.cc?rcl=a7544fa319794b67426d6c9872e2f8fdc9f69c40&l=715

Should we revert?

This issue is marked as a release blocker with no OS labels associated. Please add an appropriate OS label.

All release blocking issues should have OS labels associated to it, so that the issue can tracked and promptly verified, once it gets fixed.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5307e885ce24f0b4e2756ff5512063f754c3a403

commit 5307e885ce24f0b4e2756ff5512063f754c3a403
Author: David Roger <droger@chromium.org>
Date: Thu Sep 20 19:14:43 2018

[signin] Fix first party URL in GaiaAuthFetcher

Bug:  882107 
Change-Id: Ie36e139d17b03bfd75f3b1cec9d557ec5513b084
Reviewed-on: https://chromium-review.googlesource.com/1236214
Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Commit-Queue: David Roger <droger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#592896}
[modify] https://crrev.com/5307e885ce24f0b4e2756ff5512063f754c3a403/google_apis/gaia/gaia_auth_fetcher.cc
[modify] https://crrev.com/5307e885ce24f0b4e2756ff5512063f754c3a403/google_apis/gaia/gaia_auth_fetcher_unittest.cc

Removing the RBS label, signin now works again.