Open superpoincare opened 6 years ago
tagliala
commented
6 years ago Hi!
Thanks for being part of the Font Awesome Community.
Having an always cookie-free domain for use.fontawesome.com would be a good enhanchement, but maybe there is a reason for this
@robmadole what do you think? Is there any specific reason to set the cookie on the whole domain?
superpoincare
commented
6 years ago I think it has to do with the fact that fontawesome doesn't use www.
This article explains:
Another reason has to do with cookies. One common web site optimization is to serve static content from a subdomain, such as static.example.com. If you are using www, then this is no problem; your site’s cookies won’t be sent to the static subdomain (unless you explicitly set them up to do so). If you use the naked domain, the cookies get sent to all subdomains (by recent browsers that implement RFC 6265), slowing down access to static content, and possibly causing caching to not work properly.
ps-mattstuart
commented
2 years ago Ideally a switch to fakit.com or some other dedicated cookieless CDN domain would be ideal and would remove this. For those scanning our applications looking for cookies may not always know this and though easily proven it still requires our resources to "prove" to our customers that our tools are not the ones causing the cookie even by proxy due to FA use.
Using the fontawesome CDN doesn't set cookies on a fresh browser visit but if someone visits https://fontawesome.com and then visits a site which uses https://use.fontawesome.com, cookies are shown by the browser, because https://fontawesome.com sets cookies for all subdomains
Is it possible to have it not set cookies for the subdomain use.fontawesome.com?