Guidance to developers affected by our effort to block less secure browsers and applications

On August 28, 2020, Google announced a security measure to block sign-ins from embedded browser frameworks to protect against "man-in-the-middle" phishing attacks, effective January 4, 2021. This move affects applications using the Chromium Embedded Framework (CEF) and other unsupported browsers, necessitating developers to implement OAuth 2.0 flows via supported browsers or full native browsers to ensure continued functionality. Google emphasizes that modern browsers with security updates and certain standards, such as having JavaScript enabled and not using automation features, will continue to be supported. Developers are encouraged to test for compatibility by adding specific HTTP headers to their requests and are directed to previous resources for more information on preventing phishing attacks.