Sibling domains cookie isolation got some publicity recently when GitHub moved user generated pages to github.io. The problem is not new, but many sites still ignore it. One issue that somehow escaped popular perception is that cookie isolation policy can be exploited to simply and efficiently break sites that depend on content hosted on Content Delivery Networks.
The issue affects most CDN providers, let me use RackCDN for illustration.
read more.......http://mixedbit.org/blog/2013/04/11/dos_attack_on_cdn_users.html