Description of the issue
In Google Drive you can normally add draw.io drawings.
When opening an existing drawio drawing I get a dialog with the message:
“Authorization required
Authorize this app in Google Drive”
Hitting the authorize button will open a popup where you can choose a Google account, you are then sent back to drawio and get the following error:
“Error
Log in attempts failed. Please try again later.”
It links to this help article: https://desk.draw.io/support/solutions/articles/16000074659
As detailed out below the only way to make it work currently seems to be to temporarily change the default cookie policy to allow 3rd party cookies.
Once the third-party cookies are set, authorization works, even when I reset the 3rd party cookie policy.
Looking at the Network tab the problematic requests seem to be the ones directed at:
https://accounts.google.com/o/oauth2/iframerpc
With brave default settings and even when shields for drawio are disabled, these requests don’t contain cookies in the request headers.
When changing the default 3rd party cookie policy to allow all cookies, the requests to oauth2/iframerpc will contain all Google cookies and authorization in drawio works as expected.
Exact URL of the website in question
drive.google.com then choose “New -> More -> Connect more apps -> choose drawio”
Did the issue present with default Shields settings? [Default states are: Block: Ads/Trackers, 3rd Party Cookies, 3rd Party Fingerprinting Allow: Encrypt Connections enabled (HTTPS), Scripts] (yes/no)
Yes, with default shields settings this issue shows. Only when changing the default shield setting to allow all cookies the issue goes away.
Does the site function as expected when Shields are turned off? (yes/no)
Turning off shields for draw.io doesn’t solve the issue. Even turning shields off for accounts_google_com as well doesn’t change anything.
Is there a specific Shields configuration that causes the site to break? If so, tell us that configuration. (yes/no)
As mentioned above, changing of shields settings (even turning shields off entirely for drawio) doesn’t change anything about the behavior. Only changing the default 3rd-party cookie policy to allow all cookies makes authorization work in drawio.
Does the site function as expected when using Chrome? (yes/no)
yes
What Brave version/Build are you using when you encounter the issue?(About Brave info)
Version 0.56.12 Chromium: 70.0.3538.77 (Official Build) (64-bit)