We now remove everyone from the whitelist for now.
    
    They will be re-enabled as we check the for vulnerability level to the covert redirect bug.