by NavinF 579 days ago
Yep. Even within the prod environment it's ideal to have a separate domain (as defined by the Public Suffix List) for sketchy stuff like files uploaded by users. Eliminates a whole class of security issues and general fuckery.
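An added example, not part of the comment above: a check of whether an upload host is really a separate domain in the Public Suffix List sense, by comparing registrable domains (eTLD+1). The rule set is a small constructed subset of the list, the hostnames are constructed samples, and `registrableDomain` and `sameSite` are hypothetical helper names.

```javascript
// Constructed subset of Public Suffix List rules (normal, wildcard "*." and
// exception "!" forms). A real check must load the full, current list.
const RULES = new Set(["com", "io", "github.io", "uk", "co.uk", "*.ck", "!www.ck"]);

// Return the registrable domain (public suffix plus one label) of a host,
// or null when the host is itself a public suffix.
function registrableDomain(host) {
  const labels = host.toLowerCase().replace(/\.$/, "").split(".");
  const n = labels.length;
  let suffixLen = 1; // implicit default rule "*": the last label is a suffix
  // Walk from the longest candidate to the shortest; the first hit is the
  // longest matching rule, and an exception rule beats a wildcard.
  for (let i = 0; i < n; i++) {
    const candidate = labels.slice(i).join(".");
    const wildcard = "*." + labels.slice(i + 1).join(".");
    if (RULES.has("!" + candidate)) {
      suffixLen = n - i - 1; // exception: the suffix is the rule minus its first label
      break;
    }
    if (RULES.has(candidate) || RULES.has(wildcard)) {
      suffixLen = n - i;
      break;
    }
  }
  if (n <= suffixLen) return null;
  return labels.slice(-(suffixLen + 1)).join(".");
}

// Two hosts are same-site when they share a registrable domain. Same-site
// hosts can share Domain= cookies, so a subdomain is not a separate domain.
function sameSite(hostA, hostB) {
  const a = registrableDomain(hostA);
  return a !== null && a === registrableDomain(hostB);
}

// Constructed deployment: one app host and candidate hosts for user uploads.
const APP_HOST = "app.example.com";
const candidates = [
  "uploads.example.com",         // subdomain of the app's domain
  "cdn.example-usercontent.com", // different registrable domain
  "alice.github.io",             // github.io is itself a public suffix
];
for (const host of candidates) {
  const verdict = sameSite(APP_HOST, host) ? "SAME SITE as app" : "separate site";
  console.log(`${host} -> ${registrableDomain(host)} (${verdict})`);
}
```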