Recently, we have had a lot of questions about a change to our link URL. Frankly we have received many complaints as well as compliments. We have been planning this change for a long time. There are a number of reasons for this change, and all of them are important to you, our customer.
Cookie-free
Since links are anonymous, cookies are not required. Cookies are used by our application for authentication, transferring them puts them at risk, especially on the link page. Another concern is the bandwidth wasted transferring them to and from the server extraneously. The new domain sets and requires no cookies, it therefore puts to rest any performance and security concerns associated with them.
Use of a cookie-free domain is common practice for the reasons above.
Link usage patterns
Links are highly popular, most of our traffic is generated by links. Using a separate domain, application, server pool, etc. allows us to scale links and the application independently of one another. Less interdependence means less service interruptions and better performance.
Because the usage pattern of links is very different from that of our application, we can use different methods to develop and optimize each.
CDN
One of the optimizations already applied to links is the use of a Content Distribution Network or CDN. Such a network places content (files) close to users, so that you can send huge files (or small ones) to your users faster. In addition to faster download speeds, the cost of using such a network is lower since it is optimized for content delivery. We have already been able to offload a large portion of downloads to a CDN. This frees resources for the main application, provides faster downloads, and lowers our costs (and therefore our prices).
Security
Links are anonymous. Both the link creator (a user of our system), and the link page visitor are untrusted. The web has a long history of browser exploits. There are several classes of attack were possible using our old link feature. Attacks could be targeted at the visitor or the link creator (our potential customer). These attacks are not hypothetical, we have handled incidents of abuse of our link feature.
The strongest protection a browser has is Same Origin Policy. Each domain is treated like a sandbox. Content from one domain cannot interact with content from another. By separating links, we are sandboxing the potentially dangerous user-generated content from the trusted content and security credentials of our authenticated users.
Conclusion
In closing, I can see how the change is jarring, it was not made lightly and our customer’s best interests were, as always, the motivation. Moving forward, we will continue to roll out enhancements to our link feature. The new link domain will become more tightly integrated with the application while providing a better and safer experience.