Use Cookie-Free Domain and CDN for Static Content!

Benefits from Cookie-Free Domains

Lately most of the web developers are talking more and more about optimization. One of the practices everybody’s supporting is to use cookie free domains for static content. First of all, what’s static content. That, in breve, are all images, JavaScripts and CSS. That’s everything that’s transmitted to the client with no change from the server at all. In a typical PHP/MySQL site everything generated on the server site is considered dynamic, while every component that’s given to the client with no change is static. That’s why they don’t need cookies in the request.

That’s what Yahoo! YSlow says:

In a short example, lets say you’ve a web page with 10 background images used by its CSS file. Here’s a good practice to combine them in one or even use base64 for them, but that’s another talk. So in that scenario you’ll send all the cookies you’ve on the site with this images, but actually they don’t profit at all from this. The question is why you should send all this data with no need? Won’t you benefit from sending it with no cookies.

As it sound logical I read some articles recently describing that the benefit from putting the static content on a non-cookie domain doesn’t pays back. OK it may be strange, however every 40 ms or whatever of page load is important, aren’t they?

Setup a Cookie Free Domain

The problem is that if you’d like to setup a cookie free domain the things are becoming a bit harder. You’ve two options:

  1. Move all your static content on a different domain, where no cookies are set.
  2. Move your static content on a different sub domain and set all the cookies to the www subdomain. (Here’s a bit tricky).

All this indeed a bit tricky! So let me proceed with the next topic.

Benefits from CDN

A CDN or Content Delivery Network is a term become famous with the growing web. Now big sites have servers in almost every continent and perhaps country. CDN is an abstraction of all this. The good thing is that there’s supposed to be stored static content. Think about the YouTube’s video files. Another good thing is that this domains are cookie free by default. The thing is …

Why don’t You Combine Them?

You’ll benefit from both ideas. Cookie free domains with CDN. In one side the web page will benefit from the closest location of the server and the CDN and in other side all this will come with no cookies to you. That’s really nice and most of the time people thing of CDN for only storing large scale data, such as video files, but no one says you cannot put your CSS, JavaScripts and background images there!

15 thoughts on “Use Cookie-Free Domain and CDN for Static Content!

  1. I don’t use CDN. How can i manage to make the cookie free domain’s working with subodomain? can you help?

  2. Hi Claus,

    there’s a solution with a sub domain that is cookie free. What you should do is to have one free sub domain, something like static.yoursite.com where no cookies are set. You don’t have to move the static content or images and so on somewhere, it’s enough to point this subdomain to the exact same document root as your site is. Than you should set all the cookies to the www sub domain, because setting them on the base domain http://yoursite.com will send them for every subdomain. Thus you set them for only one sub domain – the www, and finally you should point your images, css and javascripts and … whatever your static content is to the new domain.

    I hope this can help!

  3. hey Stoimen.

    I too am trying to understand the great Cookie V’s Non-Cookie war. I’ve a site that I optimised to a Yslow score of 90 and a PageSpeed score of 99. My only punishments are coming from cookied images, and non-CDN (though the CDN is another story).

    But I don’t understand cookies at all. I’m actually trying to understand the VERY BASICS of this cookie war – exactly how does the initial cookie gets set on a domain?

    You say …. “you should SET all the cookies to the www sub domain, because setting them on the base domain http://yoursite.com will send them for every subdomain”

    How do you set them?

    My domain is a non-www; it was set up like that with the host. So I believe that means I cannot serve cookie free images from this domain?

  4. The gain does not (only) applies through the less amount of data being transfered but also in the possibility to cache the request on the CDN. Header data like cookies are often stored with the request data to match same cached content to a request. If you now have user depending cookies, it would cache the same file multiple times, due to the same header data.

    Sub domains do work only, if you have no service like Google Analytics running, that sets domain wide (.domain.tld) cookie, which then also show up on all the sub domains. You could of course start filtering “set cookie” commands from all request, but it easier to use another domain name, where you make sure, no cookies are every set at.

  5. Setting up some random subdomains for js, css and images etc is good to spread the http load and also you will not ever have anny issues with the SSL alert on IE browsers for such objects. I also had issues before using subdomains adding images (with absolute url) into CKeditor from CMS behind SSL.

  6. @Tobbias “Setting up some random subdomains for js, css and images etc is good to spread the http load…”

    Is there any the http load gain when the static subdomain is on the same server then the main domain?

  7. Although I understand the concept, the whole idea is abusrd.

    1. Not everyone can do this or would even want to.

    2. Whats the difference of loading from a sub domain of the main domain when it is all still on the same domain?

    3. Cookies on images and CSS and JS? What?!?! Since when and why? Why not just resolve that issue from there instead of making people jump through hoops.

    There is no reason those files should even be cookied. In fact, nothing should be cookied unless set by the website.

    I see this causing a lot of problems with people and specific applications. And just an all around headache to have to even do to what? Please YSlow?

    We are all to busy trying to reach certain standards when in fact the sites are fine, people use them and browse them and hardly ever complain about anything that these places talk about. Is a joke really.

    Just my 2 cents on this topic. I enjoy complicated things, when they make sense. THis does not make sense when the issue can be nipped in the bud elsewhere.

    Im sure this was helpful to others, helped me understand it a bit more. Just not logical at all.

  8. @Shawn Rebelo I believe based on your strong opinionated comments that you don’t have a strong knowledge of how Apache and PHP work. Or any other server for that matter.
    1) You are right, not everyone would want ot or can do this. For example a low traffic site would likely not want to bother. A high traffic site would definitely want to do this though. In fact if you view the source of almost any high traffics site you can see this being done.

    2) There is no real difference from loading from a sub-domain vs another domain. It all boils down to how you want to set it up, also as mentioned, if you site currently sets cookies in the root *.domain.com or domain.com space then you would need to use another domain instead of a sub-domain.

    3) If you are using a LAMP stack, then cookies are sent with each request to the server. Keyword is request meaning it does not matter the file type, the browser is going to send the cookies!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>