Care to be taken when serving static content (JS, CSS, Media) from different domain?

Posted by Aahan Krish on Stack Overflow See other posts from Stack Overflow or by Aahan Krish
Published on 2012-06-27T02:40:04Z Indexed on 2012/06/27 3:16 UTC
Read the original article Hit count: 230

Filed under:
|

Let me try to explain by example. Say website is hosted at example.com (NOT www.example.com). In order to serve static content cookie-free, I've chosen to use a different domain example-static.com.

Now, lets consider that my static content is currently served like this:

http://example.com/js/script.js
http://example.com/css/style.css
http://example.com/media/image.jpg

** Now I create a CNAME record aliasing example-static.com to my main domain i.e. example.com so that the static content is served as such:

http://example-static.com/js/script.js
http://example-static.com/css/style.css
http://example-static.com/media/image.jpg

** Is that all I have to do? Will all browsers execute JavaScript files and load web fonts without any security concerns? OR should I be using some .htaccess rules to modify header information and the like?

PS: It would be great if you can provide what rules should be added, if need be.

© Stack Overflow or respective owner

Related posts about cookieless

Related posts about static-content