Care to be taken when serving static content (JS, CSS, Media) from different domain?

Posted by Aahan Krish on Stack Overflow See other posts from Stack Overflow or by Aahan Krish
Published on 2012-06-27T02:40:04Z Indexed on 2012/06/27 3:16 UTC
Read the original article Hit count: 201

Filed under:

cookieless

|

static-content

Let me try to explain by example. Say website is hosted at example.com (NOT www.example.com). In order to serve static content cookie-free, I've chosen to use a different domain example-static.com.

Now, lets consider that my static content is currently served like this:

http://example.com/js/script.js
http://example.com/css/style.css
http://example.com/media/image.jpg

** Now I create a CNAME record aliasing example-static.com to my main domain i.e. example.com so that the static content is served as such:

http://example-static.com/js/script.js
http://example-static.com/css/style.css
http://example-static.com/media/image.jpg

** Is that all I have to do? Will all browsers execute JavaScript files and load web fonts without any security concerns? OR should I be using some .htaccess rules to modify header information and the like?

PS: It would be great if you can provide what rules should be added, if need be.

© Stack Overflow or respective owner

Related posts about cookieless

Web Server Scripting Hack to Maintain State and Keep a Domain Cookieless

as seen on Server Fault - Search for 'Server Fault'
Hello, I am looking for a solution on a LAMP server to keep a site cookieless such as "example.com", where static content is served from "static.example.com", and with rules in place to rewrite requests for "www.example.com" to "example.com". I am really hoping to avoid setting up a cookieless domain… >>> More
serving static file from cookieless domain: alternative cookieless directory

as seen on Server Fault - Search for 'Server Fault'
I'm trying to follow all the guidelines of "Google Page Speed??". The directive "Minimize request overhead" requires static content (images, js, css, etc.) on a static server (ie cookieless): https://developers.google.com/speed/docs/best-practices/request I do not want to buy a new server and I was… >>> More
Creating cookieless application on development machine with asp.net

as seen on Server Fault - Search for 'Server Fault'
I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead and buying the domain and setting it up I wanted to test it on my developement machine first under localhost (I have to mention… >>> More
Creating cookieless application on development machine with asp.net

as seen on Stack Overflow - Search for 'Stack Overflow'
I tried posting this on ServerFault with no luck so i am trying here. I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead and buying the domain and setting it up I wanted to… >>> More
Java (Tomcat): how to configure a cookieless subdomain to serve static content

as seen on Stack Overflow - Search for 'Stack Overflow'
One of the tip given by both Google and Yahoo! to speed up webpages loading is to configure a cookieless subdomain to server static content. How do you configure a "cookieless subdomain" using Tomcat in standalone mode (this question is not about how to use Apache to serve static content in a cookieless-way… >>> More

Related posts about static-content

Static content on Wicket application served from OSGi HTTP Service

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm developing a web application that is going to be served from an OSGi HTTP service, I register it using a WicketServlet, and I don't know how to serve static files (CSS, JS, images and so). How could I mount a directory as a resource with the static content? Or should I configure the resource… >>> More
Serving static content from cookie less domain and mod_deflate

as seen on Server Fault - Search for 'Server Fault'
I have two domain. One domain with my main website and the other with js/css/etc.. files, static content. mod_deflate is enabled for both domains, but when i run ySlow in FireFox it says none of my static content is compressed. When i bring back the js or css file to my normal domain it gets compressed… >>> More
Serving static content from cookie less domain and mod_deflate

as seen on Stack Overflow - Search for 'Stack Overflow'
I have two domain. One domain with my main website and the other with js/css/etc.. files, static content. mod_deflate is enabled for both domains, but when i run ySlow in FireFox it says none of my static content is compressed. When i bring back the js or css file to my normal domain it gets compressed… >>> More
Intellij + GWT 2: Development Mode ignores changes to static content

as seen on Stack Overflow - Search for 'Stack Overflow'
The new Development Mode in GWT 2 is awesome, but unfortunately as launched from Intellij IDEA 9, it does not seem to notice changes made to static files such as html, css, etc. It immediately see changes in *.java files, but not the static ones. If I make a change in a static file I need to quite… >>> More
Optimized throughput of static content from app server

as seen on Stack Overflow - Search for 'Stack Overflow'
I am building a small web application that primarily needs to serve up protected static content -- some flash (.swf) files 20MB -- from an application server (Websphere) that is front ended by a web server (Apache). Are there there any Websphere configuration settings that I should consider to optimized… >>> More