By default, some (mostly JavaScript) files are excluded. This is necessary to ensure a painless out-of-the-box experience. For maximum performance, you should only exclude problematic JavaScript files.
Finally, when any of the pages of the Drupal back-end (admin section) are used, CDN integration is disabled by default.
It's necessary prevent any possible cross-domain AJAX requests, which would violate the same origin policy of browsers. Such violations potentially result in broken functionality. Note that even requests to subdomains such as cdn.yourdomain.com count as cross-domain requests!
You can opt-in to including JavaScript files by default and then exclude problematic ones, but then you should carefully note which JavaScript files perform AJAX requests. You can prevent all potential problems by using JSONP, which is a work-around to allow for cross-domain AJAX requests.
A user-configurable blacklist.
The CDN module blacklists the following files by default:
Note: If you develop a module that ships with JavaScript files that should not be served from a CDN, you can implement the hook_cdn_blacklist() hook to automatically blacklist those files.
Drupal core JavaScript files are whitelisted.
A user-configurable blacklist of Drupal paths on which no files should be served from a CDN. This blacklist applies to all users
Similar to "Drupal path", but only applied to authenticated users.
By default, all Drupal back-end (admin*) pages are blacklisted and will thus not use any files from a CDN.