Apache2 Cross-Origin Request Blocked while headers are set

Question

My website uses CDN and while everything is fine on Chrome in Firefox I'm getting the following error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://static.website.com/wp-content/themes/themename/fonts/font-name.woff. This can be fixed by moving the resource to the same domain or enabling CORS.

When I've checked my website .htaccess file I've noticed that header is open to * when requesting this kind of files (fonts)

Here is what I have set:

<FilesMatch "\.(svg|ttf|otf|eot|woff)$">
    <IfModule mod_headers.c>
        Header set Access-Control-Allow-Origin "*"
    </IfModule>
</FilesMatch>

Any ideas what else needs to be done to allowed fonts to serve from CDN?

score 1 · Accepted Answer · answered Jul 07 '14 at 08:01

1

Found a solution eventually.

We had to set CORS on our bucket (we use Amazon S3) since the files served to the CDN from it and not directly from the website.

Here is some info on how to do it

answered Jul 07 '14 at 08:01

Shahar Galukman

207
1
4
11

Apache2 Cross-Origin Request Blocked while headers are set

1 Answers1