Bug 467900 - Security concern for login in with KDE Online Accounts
Summary: Security concern for login in with KDE Online Accounts
Status: REPORTED
Alias: None
Product: kio-gdrive
Classification: Frameworks and Libraries
Component: general (show other bugs)
Version: 22.08.1
Platform: Ubuntu Linux
: NOR wishlist
Target Milestone: ---
Assignee: Elvis Angelaccio
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-03-28 21:09 UTC by silocoder
Modified: 2023-03-28 21:10 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
KDE Online Account popup hard to identify target or browser. (85.66 KB, image/jpeg)
2023-03-28 21:09 UTC, silocoder 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description silocoder 2023-03-28 21:09:55 UTC 
Created attachment 157675 [details]
KDE Online Account popup hard to identify target or browser.

The issue is when I want to connect KDE Online Accounts and I get what looks like the Google login page. The login page should be a separate browser based window showing the complete google url that you want to use to connect. Currently it is just a plain popup which means I have no way of trusting it with my password that in fact it is KDE's Online Accounts popup or someone else's man in the middle popup as KDE.

Here is the example signup window I am talking about:
[url]https://ibb.co/HNkMLFd[/url]

Normally when I connect accounts using google, Chrome or some other legit browser pops up with the full URL displayed at the top that you can verify the request is going to Google for authentication.

I think it should looks something like this. Notice how it is a browser window with full URL in display.
https://ibb.co/zm53QT8

Is there possibly another way to connect the KDE Online Account that clearly shows a legitimate browser and it's URL.