Comment by thornewolf
17 days ago
it's a security feature. otherwise my malicious site could check for cdn.sensitivephotoswebsite.com and blackmail you if it was cached already
17 days ago
it's a security feature. otherwise my malicious site could check for cdn.sensitivephotoswebsite.com and blackmail you if it was cached already
It would be nice if there was a whitelist option for non-sensitive content. I stopped using cdn links due to the overhead of the extra domain lookups but I did think that my self hosted content would be cached across domains.
It would be nice if there was a whitelist option for non-sensitive content.
There's no such thing as non-sensitive content from a CDN though. Scripts are obviously sensitive, styles can be used to exfiltrate data through background-url directives, and anything like images has no benefit being cached across sites.
Fonts might be one exception, but I bet those are exploitable somehow.
Seem like a solvable problem. Per origin cache control. But actually just load the data locally