app.example.com vs. example.com/app for a browser based product?
I’m wondering if there are any particular pros or cons I may not be considering regarding deploying a browser based product on a subdomain versus a normal authenticated route.
Per RFCs, "example.com" (the bare domain name) must be a DNS A/AAAA record and cannot be a CNAME, which could limit your ability to use some anti-ddos/geo-loadbalancing solutions. Subdomain names (app.example.com) can be CNAME records.
yes there are some peculiarities related to indexeddb, service worker and other web apis, app.example.com is another domain and might not share scope with example.com