1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help with Access-Control-Allow-Origin (CORS)

Discussion in 'Server Configuration and Hosting' started by Mouth, Dec 19, 2015.

  1. Mouth

    Mouth Well-Known Member

    My site is not loading font awesome from CDN ...

    Font from origin 'https://cdn.netrider.net.au' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://netrider.net.au' is therefore not allowed access. The response had HTTP status code 403.

    ... but the http headers look OK ...

    HTTP Status for: "https://netrider.net.au/"
    • HTTP/1.1 200 OK
    • Server: nginx
    • Content-Type: text/html; charset=UTF-8
    • Connection: close
    • X-Frame-Options: SAMEORIGIN
    • Strict-Transport-Security: max-age=15638400; preload
    • Access-Control-Allow-Origin: *
    • X-Frame-Options: SAMEORIGIN
    • X-Content-Type-Options: nosniff
    • Date: Sat, 19 Dec 2015 23:25:54 GMT
    • X-Page-Speed: 1.9.32.4-7251
    • Cache-Control: max-age=0, no-cache
    ... and ...

    HTTP Status for: "https://cdn.netrider.net.au/"
    • HTTP/1.1 200 OK
    • Server: keycdn-engine
    • Date: Sat, 19 Dec 2015 23:31:26 GMT
    • Content-Type: text/html; charset=UTF-8
    • Connection: close
    • Vary: Accept-Encoding
    • X-Frame-Options: SAMEORIGIN
    • Strict-Transport-Security: max-age=15638400; preload
    • X-Frame-Options: SAMEORIGIN
    • X-Content-Type-Options: nosniff
    • X-Page-Speed: 1.9.32.4-7251
    • Cache-Control: max-age=604800
    • Expires: Sat, 26 Dec 2015 23:31:26 GMT
    • Link: <https://netrider.net.au/>; rel="canonical"
    • X-Cache: MISS
    • X-Edge-Location: defr
    • Access-Control-Allow-Origin: *

    Thus, both having "Access-Control-Allow-Origin: *" to allow font loading from external domains.

    Would appreciate some pointer/assistance on what I've gotten wrong. Have been reading, but cannot figure out the issue.
     
  2. Mouth

    Mouth Well-Known Member

    FYI, in case anyone gets the same issue.
    I changed my CDN url (using KeyCDN's new LetsEncrypt functionality) and forgot to add a referrer allowance at the CDN for the change in URL.
     

Share This Page