Code review comment for lp:~lifeless/launchpad/private-librarian

So files served from the same domain can steal content from files served from the same domain. We don't care for public information, but this isn't cool for private.

One way around this is to serve every file from a unique domain. Changing the URL structure from https://launchpadlibrarian.net/123/file.txt to https://i123.launchpadlibrarian.net/file.txt will do this, and an Apache rewrite rule can be used to redirect old URLs to the new URL.