[HTTPS-Everywhere] Flagging cookies as secure

[Chris Palmer]

On Nov 12, 2010, at 1:11 PM, Seth David Schoen wrote:

> But there's no way to target all subdomains under the <target>
> mechanism without eliminating all the efficiency benefits of <target>.

How about: If the cookies Domain covers any of the origins we want to secure, then secure that cookie. No need to explode the number of targets, and no need to secure cookies for origins we don't care about/don't have a rule for.


-- 
Chris Palmer
Technology Director, Electronic Frontier Foundation