Blocking okta.com breaks PLTW login for K-12 educational sites

[drthomasho]

http://mypltw.org/ is used by many K-12 educational sites to deliver curriculum so please add it to the "yellowlist"

If not possible, please explain why because I will probably have to UNinstall PrivacyBadger from the Chrome browser on our G Suite domain otherwise.

[ghostwords]

Hello and thanks for getting in touch! Could you provide one or two example sites where mypltw.org is in use? Feel free to also provide debugging information from a Privacy Badger that learned to block mypltw.org.

[drthomasho]

If you are asking for organizations who use https://my.pltw.org/login, it is used by teachers and students at any schools https://www.pltw.org/experience-pltw/school-locator who use Project Lead the Way curricula https://www.pltw.org/our-programs.

With regard to your other request, I have cc'ed one of our teachers who encountered Privacy Badger when trying to access the URL as well as our Help Desk who asked me to "whitelist" it. By the way, we had no difficulty in the spring when I first installed Privacy Badger on our Chrome browsers via G Suite.

On Thu, Aug 6, 2020 at 4:38 PM Alexei notifications@github.com wrote:

Hello and thanks for getting in touch! Could you provide one or two example sites where mypltw.org is in use? Feel free to also provide debugging information https://github.com/EFForg/privacybadger/wiki/Find-out-why-Privacy-Badger-is-blocking-a-domain from a Privacy Badger that learned to block mypltw.org.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/EFForg/privacybadger/issues/2663#issuecomment-670180114, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD527465K4T7V5X27465EPLR7MID3ANCNFSM4PW4RFIQ .

-- [image: photo] Thomas I. M. Ho, Ph.D. Director of Technology Integration & Support, Traders Point Christian Schools

+1 (317) 768-3556 <+1+(317)+768-3556> | +1 (317) 288-1790 <+1+(317)+288-1790> | +1 (317) 769-2456 | tho@tpcs.org

http://DrThomasHo.com | Skype: DrThomasHo <#SignatureSanitizerSafeHtmlFilter> 5770 Whitestown Parkway, Whitestown, Indiana 46075 USA | https://vyte.in/drthomasho/30 http://twitter.com/DrThomasHo http://facebook.com/thomasho http://linkedin.com/in/DrThomasHo Training scholars, making disciples, graduating leaders http://twitter.com/drthomasho

-- See how we #WalkInWisdomTPCS https://tagboard.com/WalkInWisdomTPCS/362603

[ghostwords]

I am asking for one or two links to pages that use mypltw.org. This is so I can look to see why Privacy Badger learns to block this domain, and what we should do about it. Right now I have too little information to go on; I don't have any other user error reports for mypltw.org, for instance.

By the way, we had no difficulty in the spring when I first installed Privacy Badger on our Chrome browsers via G Suite.

Privacy Badger automatically learns to block trackers as you browse: https://privacybadger.org/#How-does-Privacy-Badger-work

[ghostwords]

Also, as an administrator, you should be able to disable Privacy Badger on a list of sites you specify (while keeping Privacy Badger enabled on all other sites) for all your G Suite installations using policies. See our admin deployment doc for more information.

[drthomasho]

PLTW Terms of Service is a page which uses that URL

Here's a school directing its students to my.pltw.org

Are these sufficient?

[ghostwords]

I don't see any mypltw.org resources on https://www.pltw.org/terms-of-service ...

I guess now I realize I'm not at all clear on what exactly is broken or where it happens. Could you ask whoever has direct experience with this problem to post here or to get in touch with me via email? I need to know what breaks (missing images? blank page? login fails?) and where. I also need to know which domain or domains are responsible (I can figure out this part myself if I can visit the pages where the breakage occurs).

[ghostwords]

Closing as we need more information and the original reporter can no longer reproduce.

[ghostwords]

It looks like the problem is that blocking subdomains of okta.com breaks login on https://my.pltw.org/login.

[ghostwords]

This is related to #137.