[HTTPS-E Rulesets] Problems browsing scratch.mit.edu with https everywhere enabled
Amos Blanton
amos at scratch.mit.edu
Wed Nov 14 11:27:09 PST 2012
On Wed, Nov 14, 2012 at 2:17 PM, Peter Eckersley <pde at eff.org> wrote:
>
> However it still isn't clear that this would fix the bug we have with
> scratch.mit.edu, because we haven't ruled out the possibility that it's
> caused
> by a .mit.edu cookie that is legitimately secured on other MIT subdomains.
>
>
Hi Peter,
That's not the case for us. Scratch (scratch.mit.edu) is functionally
independent of other MIT subdomains. It's an open source programming
language we developed to help kids around the world learn to program.
Scratch only recognizes its own authentication / cookies.
Incidentally, we also have a variety of cnames, like suggest.scratch.mit.edu,
and wiki.scratch.mit.edu, in case that matters.
Thanks,
Amos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere-rules/attachments/20121114/5d4e0deb/attachment.html>
More information about the HTTPS-Everywhere-Rules
mailing list