CORS Permissions?

(Nathan Fariss) #1

Hi Everyone!

I’m having some font-related troubles and was hoping someone here could provide some clarity. I’ve purchased a fancy web font, put it in my resources folder and edited the various files so that it integrates into my theme. When I upload the site, it generally works just fine, but depending on if I have www. before the url, the font will either appear or not appear. The error console in Chrome lists this error:

Font from origin ‘’ has been blocked from loading by Cross-Origin Resource Sharing policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘’ is therefore not allowed access.

Does anyone know where I need to add the CORS permissions? Is that a line of code added somewhere in Rapidweaver, or something on the server config? Any ideas? Thanks!


(Andrew Tavernor) #2

you will need a .htaccess file in the root of the domain or the sub-domain from which the fonts are being served.

In it put the following:
Header set access Control-Allow-Origin "*"

The asterisk or star (*) means that all requests will be accepted. This will typically be the case if you are using a single fonts subdomain to serve multiple websites.

If you are worried that others may use your server as a font resource then you can change this to be a specific url.

(Nathan Fariss) #3

Exactly what I needed to know! Thanks so much! I’ll give it a try this evening.