Re: Managing Google API key secrets

From: Neil McGovern <neil gnome org>
To: desktop-devel-list gnome org
Subject: Re: Managing Google API key secrets
Date: Tue, 26 Mar 2019 10:05:08 +0000

On Mon, 2019-03-25 at 12:43 -0400, Michael Terry wrote:

Another interesting tidbit from that page is that Google prefers that
you send the user to the system browser for the consent screen,
rather than loading it in-app in a GtkWebKit frame or whatever
(presumably so that the user knows they're actually on a Google page
and the app isn't phishing them for their Google password).


I think this is currently one of the sticking points I'm having when
going through the verification process - there's not really the
understanding of what a native 'app' is. So thanks for that clarity!

Neil
-- 
Neil McGovern
Executive Director, The GNOME Foundation

References:
- Managing Google API key secrets
  - From: Michael Terry

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]