signin: force web signin flow initiated visits to accounts.google.com to their own process.

chrome/browser/ui/sync/one_click_signin_helper.cc

Index: chrome/browser/ui/sync/one_click_signin_helper.cc
diff --git a/chrome/browser/ui/sync/one_click_signin_helper.cc b/chrome/browser/ui/sync/one_click_signin_helper.cc
index 5a169c074bf4ad9ff093e2628a9f4b5b6a288b3f..a9d581984ed3d94d0500f91525e26ba2c157da8f 100644
--- a/chrome/browser/ui/sync/one_click_signin_helper.cc
+++ b/chrome/browser/ui/sync/one_click_signin_helper.cc
@@ -55,6 +55,7 @@
 #include "chrome/common/url_constants.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/page_navigator.h"
+#include "content/public/browser/render_process_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_view.h"
 #include "content/public/common/frame_navigate_params.h"
@@ -610,6 +611,14 @@ bool OneClickSigninHelper::CanOffer(content::WebContents* web_contents,
     if (!manager)
       return false;
 
+    if (!manager->IsSigninProcess(
+            web_contents->GetRenderProcessHost()->GetID())) {
+      // We only allow the dedicated signin process to sign the user into
+      // Chrome without intervention, because it doesn't load any untrusted
+      // pages.
+      return false;
+    }
+
     // If the signin manager already has an authenticated name, then this is a
     // re-auth scenario.  Make sure the email just signed in corresponds to the
     // the one sign in manager expects.