Re: CMS + Fedora Magazine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Karsten Wade wrote:
> On Thu, Feb 05, 2009 at 11:41:32PM -0700, Clint Savage wrote:
>> They are not required, but are a really good idea.  It provides
>> logical separation when thinking about what a particular application
>> (in this case CMS) does.  If we keep the same subdomain for all the
>> structures, we'd logically separate on uri's.  Seems more logical to
>> me to have it be domains/subdomains as the logical divide.
> 
> The key for me is consistency.  Fedora Infrastructure and Websites
> teams decided on a sub-domain model some time ago.  I think the real
> confusion is when it's a mix of sub-domain and nested folder
> structures.
> 
> For this reason perhaps we should look at propagating
> wiki.fedoraproject.org instead -- as part of rebirthing it as a
> destination for contributors and other participants to be putting
> Fedora content.
> 
> FWIW, the unique domain names are the ones that get me the most.  I am
> always trying to ssh in to fedoraproject.org instead of
> fedorapeople.org, and recently I got crossed by separate mailman
> instances (is this true?) for lists.fedorahosted.org and
> lists.fedoraproject.org.
> 
Note: One technical reason to keep things on a single domain is when you
want to share cookies between two sites.  For instance, for a
contributor to all three of: docs.fedoraproject.org/,
kbase.fedoraproject.org, and magazine.fedoraproject.org you'd have to
login three times, once to each site.  If you had
docs.fedoraproject.org/guides, docs.fedoraproject.org/kbase, and
docs.fedoraproject.org/magazine you could share the cookie because they
all have the same domain.

An astute reader may ask why you can't share the cookie between all
.fedoraproject.org domains.  The answer is that this is possible but
insecure in our environment.  Matching that domain would also match
publictest15.fedoraproject.org, for instance.  Since publictest machines
are running new code, test instances, and other things that could have
all sorts of security holes we haven't figured out yet, it's a bad idea
to be sharing authentication cookies between production machines and those.

-Toshio

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-docs-list mailing list
fedora-docs-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-docs-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Red Hat 9]     [Yosemite News]     [KDE Users]

  Powered by Linux