2

I want to load Fontawesome from a CDN but I get

failed cross-origin request. Resource access is restricted

I know that to fix this a HTTP header should be added, but is there any way to avoid doing this?

I tried replacing '../font/fontawesome-webfont.eot?v=3.2.0') with full urls but it didnt help for some reason. Is there anything that can be done without the header?

Jim
  • 684
  • 2
  • 8
  • 20

4 Answers4

3

You have to create .htaccess file on font folder with this text.

<FilesMatch ".(eot|ttf|svg|otf|woff|woff2)">
  Header set Access-Control-Allow-Origin "*"
</FilesMatch>
unom
  • 11,438
  • 4
  • 34
  • 54
Leonel Lands
  • 39
  • 2
1

This is browsers’ same-origin policy restrictions http://www.w3.org/TR/css3-fonts/#same-origin-restriction.

If you are using amazon s3 this could help you Amazon S3 CORS (Cross-Origin Resource Sharing) and Firefox cross-domain font loading

Community
  • 1
  • 1
Nish
  • 301
  • 1
  • 9
1

Your CDN needs to include the Access-Control-Allow-Origin:* header in the response for the font files. See my answer to Font Awesome icons not showing in Chrome, a MaxCDN related Cross-Origin Resource Sharing policy issue

Community
  • 1
  • 1
Brent Washburne
  • 12,904
  • 4
  • 60
  • 82
0

CORS Configuration

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
      <AllowedOrigin>http://www.your-site.com</AllowedOrigin>
       <AllowedOrigin>https://www.your-site.com</AllowedOrigin>
       <AllowedMethod>GET</AllowedMethod>
       <AllowedMethod>HEAD</AllowedMethod>
       <AllowedMethod>DELETE</AllowedMethod>
       <AllowedMethod>PUT</AllowedMethod>
       <AllowedMethod>POST</AllowedMethod>
     </CORSRule>
</CORSConfiguration>
Akhilesh Kumar
  • 849
  • 1
  • 15
  • 28