Hacker News new | past | comments | ask | show | jobs | submit login

Interesting. What's the rationale?

It’s the separation of concerns best practice extended to domain names. To not have to think to path collisions if the website and the API are in the hands of different teams is a plus. As well, in this case, it’s a lot better to avoid the root domain which is less flexible then a subdomain. For instance, you can’t have a CNAME behind a root domain

Flexibility. A CNAME is easier than a reverse proxy.

Security. Don't share cookies with your site.

What if sharing cookies with your site is the intended behavior, e.g. for API's that you're calling directly from your frontend?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact