Signin-Internals queries accounts.google.com

gcarq / inox-patchset

Inox patchset tries to provide a minimal Chromium based browser with focus on privacy by disabling data transmission to Google.

BSD 2-Clause "Simplified" License

364 stars 26 forks source link

Signin-Internals queries accounts.google.com #104

Open gitbugged opened 6 years ago

gitbugged commented 6 years ago

First of all, thank you for creating this very valuable patchset. Please keep up the great work!

I ran WireShark while running the inox patched browser, and noticed there is a leak on the "chrome://signin-internals/" page. This page causes queries to accounts.google.com. So far that is the only leak I've noticed.

Thanks. 👍

Eloston commented 6 years ago

Do you happen to know the URL path? I'm taking a blind guess, but it may be related to this bug.

gcarq commented 6 years ago

I can reproduce it, the URL is:

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumSignInInternalsUI,counter:0,load_time_ms:4046&json=standard HTTP/2.0

It looks like it's related to the linked issue, but as I'm digging into this it like patching this out could break OAuth2