Hacker News new | ask | show | jobs
by DaiPlusPlus 2047 days ago
> I forgot what made github.com switch to github.io. Something similar but totally separate.

Same reason: to prevent user-generated/user-hosted content from being able to read GitHub.com cookies.
1 comments
kevincox 2047 days ago
Not quite, they couldn't read the cookies. But they could mess with the cookies on github.com somewhat.

The fully writeup is here: https://github.blog/2013-04-09-yummy-cookies-across-domains/

link