Hacker News new | past | comments | ask | show | jobs | submit login

Doh. Of course. It's all on the same domain. Do you think, that if designing a new application, it would make sense to make a separate admin sub-domain (assuming no wildcard cookies)?

Does the solution entail purchasing legit ssl certs for your static content domains?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact