I've read through some of the older issues related to this. So it seems like the main purpose of this feature request is to allow for the following scenario:
Based on how CSP works as Kalle Niemitalo mentions, we have to distinguish based on the domain name mostly, not the URL (other than the scheme and port). So I'd imagine we should try to support all the listed suggestions from Jesse Glick except for the subdirectory one.
Any directory browser that requires authentication wouldn't really benefit from a separate domain name like example-cdn.com to example.com due to needing cookies for both. Static resources that are publicly available can benefit from a separate domain for CDN usage, though that seems a bit overkill for Jenkins (or maybe it isn't?).