Multiply SSL Negotiation on same domain in waterfall


I’m wondering why I see multiply Connect and SSL to the same domain:

Would the browser not keep the connection and ssl for same domains?

corss-origin fonts are served on an “uncredentialed” (anonymous) connection and can’t be mixed with requests that may include cookies. It’s why you also need to include “crossorigin” when preconnecting for font connections.

If the fonts (and static resources) were served from the same origin as the main document then it can all reuse the same connection.

So self hosted fonts should be hosted on same domain as the main document and not the CDN?
Or would that just block for other connections?

If you want then to re-use the same connection as other static content then yes, they need to be served from the same origin as the document, otherwise they will be considered “uncredentialed” and require a separate connection even if being served from a domain that other static content comes from.