Re: What constitutes protection [was: About using CORS]

On Wed, May 5, 2010 at 5:19 AM, Levantovsky, Vladimir
<Vladimir.Levantovsky@monotypeimaging.com> wrote:
> On Tuesday, May 04, 2010 9:36 PM Dirk Pranke wrote:
>>
>> On Tue, May 4, 2010 at 2:01 PM, Levantovsky, Vladimir
>> <Vladimir.Levantovsky@monotypeimaging.com> wrote:
>> >
>> > Can you please elaborate a bit more on this whole issue? It seems
>> > that CDN should be completely transparent for UA, and that content and
>> > resources such as CSS and fonts would appear to a browser as coming
>> > from the same origin it was requested, regardless of whether CDN is
>> > used or not. So, if content in fact comes from CDN - how does it
>> > affect same-origin restriction?
>> >
>>
>> If you go to 'www.cnn.com', the CSS files are served from
>> 'i.cdn.turner.com', which is a CDN (presumably) on a different origin
>> than the requesting page. This type of usage is extremely common,
>> because the CDN gets a different (usually smaller) set of cookies than
>> the origin server (and hence the requests are usually received
>> faster).
>>
>
> Yes, I can see this in their source, which seems to tell that this is how they designed the site. It appears that they set up their own CDN (or at least they have a server they named cdn.turner.com) where stylesheets, javascripts and other resources live, and the content comes from the main server cnn.com.
> I am curious about a CDN like Akamai that creates and keeps multiple local copies of site content. When I click on the link to a page and UA receives the content back - what is the difference between the cases when the response is coming from the original server vs. cached CDN content? The content itself is the same, does UA actually see that it is coming from CDN?
>

The CDN usage I am most familiar with involves explicitly publishing
content from the origin servers to the CDN, which is then replicated
internally and distributed from the CDN nodes to the client machines.
CDNs (including Akamai) do not usually act as transparent caches. This
is mostly because CDNs don't work as well for dynamic content (it's
harder to cache it efficiently and correctly), and most of the
bandwidth on the web comes from files that are static and much more
cacheable. Akamai does (did?) have a technology called "edge serving"
that does claim to handle dynamic content generation, but I have no
experience with it.

Also, it's easy to get confused here because Akamai and other CDNs
often provide a form of load-balancing DNS as a service
as well. So, you might use Akamai to determine which actual server
gets to respond to "www.cnn.com", making it look like Akamai is
somehow acting as a cache for "www.cnn.com", but it isn't.

I will note, lastly, that it's not like there's a "this content is
coming from a CDN" header in the reply; to the client, they just look
like regular HTTP replies.

Of course, we wander off-topic for this list; if you have further
questions, I'd be happy to try and answer them directly, although I'm
not a CDN expert, I just have some experience with them.

-- Dirk

Received on Wednesday, 5 May 2010 16:25:01 UTC
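
Added example, not part of the original message or of any poster's code: a sketch of why a page on 'www.cnn.com' and a stylesheet on 'i.cdn.turner.com' are different origins, and why cookies scoped to the page's domain are not sent to the CDN host. The cookie jar, cookie names and the stylesheet path are constructed for illustration; the matching rule is the domain-match from RFC 6265, with host-only cookies, Path and Secure left out.

```javascript
// Added example: origin comparison and RFC 6265 cookie domain-matching.
// Simplification (assumption): host-only cookies, Path and Secure are ignored.

const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// An origin is the (scheme, host, port) triple; default ports are made explicit
// so that http://host/ and http://host:80/ compare equal.
function originOf(url) {
  const u = new URL(url);
  return `${u.protocol}//${u.hostname}:${u.port || DEFAULT_PORTS[u.protocol]}`;
}

function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// Domain-match: the host equals the cookie domain, or ends with "." + domain.
// The dot boundary keeps "notcnn.com" from matching a cookie for "cnn.com".
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, "");
  return h === d || h.endsWith("." + d);
}

// Names of the cookies a browser would attach to a request for `url`.
function cookiesSentTo(url, jar) {
  const host = new URL(url).hostname;
  return jar.filter((c) => domainMatches(host, c.domain)).map((c) => c.name);
}

// Constructed cookie jar: both cookies are scoped to the page's own domain.
const jar = [
  { name: "session", domain: "cnn.com" },
  { name: "prefs", domain: "www.cnn.com" },
];

const page = "http://www.cnn.com/";
const css = "http://i.cdn.turner.com/style.css"; // hypothetical path

console.log("same origin:", sameOrigin(page, css));
console.log("cookies sent to page host:", cookiesSentTo(page, jar));
console.log("cookies sent to CDN host:", cookiesSentTo(css, jar));
```
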