问题
I assume it has something to do with this:
For me Google one Tap stopped working on all my sites that previously worked. I added API HTTP refer to restriction in console.developer.com, but I still get a warning message "The client origin is not permitted to use this API." any thoughts? If you go to the page https://www.wego.com/ you can see that Google one tap still works...
https://news.ycombinator.com/item?id=17044518#17045809
but Google YOLO stop working for everyone. I use it like many people for login and it just stop work.
My domain are obviously added on console.developers.google.com
Any ETA for fix this? Some information would be great for people who rely on it.
回答1:
Google YOLO is not disabled. It is open to a small list of Google Partners. The reason you were able to access it earlier was because it was open for a short period of time but the whitelist is now readded/enabled.
Reference: https://twitter.com/sirdarckcat/status/994867137704587264
回答2:
Google YOLO was put on whitelist after a client-side exploit became clear to google. People could cover the login button of the prompt with something like a cookie consent (which we all know people automatically accept). Therefor people could easily steal their gmail or other details due to this google decided to put it on whitelist and review the sites that are using this technology in order to ensure that they are using it as they should.
回答3:
Google retroactively labeled One-Tap as a "closed beta".
https://developers.google.com/identity/one-tap/web
The beta test program for this API is currently closed. We are improving the API's cross-browser functionality and will provide updates here in the coming months.
The link for the entire project is currently 404, but the beta statement is visible on the wayback machine.
来源:https://stackoverflow.com/questions/50289065/google-yolo-stop-working-the-client-origin-is-not-permitted-to-use-this-api