How to enable CORS on Apache + Nginx ?

S

shivahost

Verified User
Joined
Mar 7, 2013
Messages
214
I have this error:

Code: 
Access to Font at 'https://originaldomain/fonts/*.woff' from origin 'https://www.testdomain.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.testdomain.net' is therefore not allowed access.

Please help me
 
Add the following to .htaccess on the domain that is hosting the fonts (this will allow any domains to load the fonts):

Code: 
<FilesMatch "\.(js|jpg|css|eot|otf|svg|ttf||woff|woff2)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>

(Remove the extensions you do not want to allow from the code above.) Edit: This is for Apache, I have no idea about Nginx as I don't use it.
 
Last edited:
ditto said:
Add the following to .htaccess on the domain that is hosting the fonts (this will allow any domains to load the fonts):

Code: 
<FilesMatch "\.(js|jpg|css|eot|otf|svg|ttf||woff|woff2)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>

(Remove the extensions you do not want to allow from the code above.) Edit: This is for Apache, I have no idea about Nginx as I don't use it.
Click to expand...

It is not working , I think because of nginx!
 
Try to empty all cache in your browser, then restart your browser and check again. If not, you would need to modify the .htaccess code to work on Nginx.
 
ditto said:
Try to empty all cache in your browser, then restart your browser and check again. If not, you would need to modify the .htaccess code to work on Nginx.
Click to expand...

I searched a lot, but there is no success yet, So I opened this topic to find the answer.

I tried many htaccess or httpd.conf codes + empty cache + restart nginx and apache but no success...
 
All I can say is that my code work on Apache, only time it will not work is if the site is password protected. So unless your site is password protected, then it must be Nginx that is the problem.
 
ditto said:
All I can say is that my code work on Apache, only time it will not work is if the site is password protected. So unless your site is password protected, then it must be Nginx that is the problem.
Click to expand...

I know Nginx serving static files , I tried some codes on nginx conf or vhost file too but no success!
 
shivahost said:
anyone can help?
Click to expand...

For me the solution was to add

Code: 
location ~* \.(eot|ttf|woff|woff2)$ {
    add_header Access-Control-Allow-Origin *;
}

to the nginx.conf file of the domain. On administrator level -> custom-httpd configurations
 
You must log in or register to reply here.
Back
Top