
I think there's confusion here about the use of the term CDN. There are public CDNs, like Google AJAX APIs, that allow a shared copy of an open-source library to be downloaded from a known-good location. This enables users to reuse the same copy their browser has already cached across multiple pages, but like romaniv and the OP have pointed out, you are then trusting Google to be good stewards of that resource.

Conversely, you control what shows up on your own private CDN, like CloudFront. Sure, there may be downside outside of your control, but nobody is going to be able to alter the resources there without your permission.



  > Conversely, you control what shows up on your own
  > private CDN, like CloudFront. Sure, there may be
  > downside outside of your control, but nobody is going
  > to be able to alter the resources there without your
  > permission.

Well, CloudFront could, since they control the machines that your users are connecting to.


One could say the same of any host.


That's the point; it's silly to say that https://some-cdn.com/jquery-1.9.1.min.js is inherently less secure than https://my-cloudfront-proxied-site.com/jquery-1.9.1.min.js


Well, it also depends on your level of trust for Google vs. CloudFront.



