1

I am trying to load web fonts from a CDN, but am getting a Cross Origin Request error. I have set the following headers in my httpd conf file:

Header Add Access-Control-Allow-Origin: my-cdn-domain

and 

<FilesMatch "\.(ttf|otf|eot|woff|woff2)$">
 Header set Access-Control-Allow-Origin "*"
</FilesMatch>

and I see the Access-Control header in the console, but the fonts still do not load.

Does anyone have any ideas?

hgolov
  • 650
  • 1
  • 11
  • 28

2 Answers2

1

It turns out that this had to do with us moving the site over to https. When we moved the site, we didn't update the origins in the cdn to be https also and that was causing the source to actually be our non-https server!

hgolov
  • 650
  • 1
  • 11
  • 28
0
Header Add Access-Control-Allow-Origin: my-cdn-domain

Your CDN domain has to give permission to your HTML domain, not the other way around.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
  • According to MaxCDN in this article: https://www.maxcdn.com/one/tutorial/how-to-use-cdn-with-webfonts/, that doesn't seem to be the case. – hgolov Dec 28 '15 at 10:11
  • 1
    @hgolov — That article doesn't express it very clearly, but it agrees with this answer. If you scroll down to the section "​I have added the code but, issue persists. Why?" you will see that it asks you to test that the header is added to the URL for the font file, not the URL for the HTML document. – Quentin Dec 28 '15 at 10:13
  • thanks - I followed the directions for curl and got a 403 response for the font from the cdn. Now what? – hgolov Dec 28 '15 at 10:20
  • Figure out why the server is forbidding access entirely (or continue to debug using the Net tab in the browser's developer tools) – Quentin Dec 28 '15 at 10:30
  • Thanks for your help Quentin! – hgolov Dec 28 '15 at 20:15