Font blocked by "Access-Control-Allow-Origin" ?

richard.miller
(@richardmiller-1)

8 years, 10 months ago

The font is not loading, and the java console give me this message:

Font from origin 'http://www.americanoutlawsportland.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://americanoutlawspdx.com' is therefore not allowed access.

The site is on Bluehost: http://americanoutlawspdx.com/

https://wordpress.org/plugins/simple-social-icons/

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Contributor Nick C
(@modernnerd)

8 years, 10 months ago

Hi Richard

Your site links and stylesheet references are still pointing to http://www.americanoutlawsportland.com/ instead of http://americanoutlawspdx.com/.

Perhaps you migrated to the pdx domain recently? If so, it would be worth checking that your URL in Settings → General is set to the correct domain, and that all references to http://www.americanoutlawsportland.com in your database and theme files have been updated to point to your new domain instead.

That should solve the warnings and allow the icons to load correctly, but feel free to ask if you have any further questions about this.

candacehuddleston
(@candacehuddleston)

8 years, 4 months ago

i am getting the same thing.help! i tried to do as you stated above but it didnt work.now its saying error 404.
in wordpress, this is what i have set.
General Settings
Site Title
Southaven Supply
Tagline
Hardware Store
In a few words, explain what this site is about.
WordPress Address (URL)
http://shsupplybeta.azurewebsites.net
Site Address (URL)
http://www.shsupply.com
Enter the address here if you want your site home page to be different from your WordPress installation directory.

it was giving me a redirect loop when i tried to go into items on my shsupply.com , now, it just says error 404. any help would be appreciated.
GDriver
(@gdriver)

8 years, 3 months ago
This should solve your problem, just copy paste it into your .htaccess file en re-upload it, clear your cache and eventually also clear your CDN files and the problem is solved:
```
# ----------------------------------------------------------------------
# CORS-enabled images (@crossorigin)
# ----------------------------------------------------------------------
# Send CORS headers if browsers request them; enabled by default for images.
# developer.mozilla.org/en/CORS_Enabled_Image
# blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
# hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
# wiki.mozilla.org/Security/Reviews/crossoriginAttribute
<IfModule mod_setenvif.c>
  <IfModule mod_headers.c>
    # mod_headers, y u no match by Content-Type?!
    <FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
      SetEnvIf Origin ":" IS_CORS
      Header set Access-Control-Allow-Origin "*" env=IS_CORS
    </FilesMatch>
  </IfModule>
</IfModule>
# ----------------------------------------------------------------------
# Webfont access
# ----------------------------------------------------------------------
# Allow access from all domains for webfonts.
# Alternatively you could only whitelist your
# subdomains like "subdomain.example.com".
<IfModule mod_headers.c>
  <FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$">
    Header set Access-Control-Allow-Origin "*"
  </FilesMatch>
</IfModule>
```
Source: MaxCDN