Comment 0 for bug 806713

https://code.launchpad.net/~spiv/launchpad/bmp-inline-diffs/+merge/66634 and friends take the approach of proxying client requests through the main app domain to loggerhead.

This probably isn't going to work for private branches, because (iiuc) loggerhead uses a separate authentication cookie, so the client is going to send the cookie relevant to say code.l.n and loggerhead won't know what to do with it.

One solution would be to teach loggerhead to validate the cookie by calling across to lp.