Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Part of it is removing extra data when requesting style sheets and such - there's no need for a browser to send all of the set cookies it has for your web application when it's fetching styles, so people buy separate domains for them.


I'm not a web dev, so pardon my ignorance.

Setting cookies for one third-level subdomain[0] and serving assets from another still sends all of the cookies across when fetching the assets?

[0] e.g. cookie.example.com and assets.example.com


The problem is you can't explicitly tell a browser to fetch a cookie from cookie.example.com - and when you have multiple subdomains which rely on the cookie, plus analytics software which sets it for the whole domain, you can't do that.


The following isn't snark:

So, is that a "yes" to my question? A "sort of"? A "it's too complicated to summarize"?


Sort of: If you only ever need a cookie set on app.example.com, you can do that and use assets.example.com. It'll work for simple applications and not much else.

Things like Google Analytics also set cookies by default on *.example.com so you'll have to figure out a way around that.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: