4

I've seen similar questions asked here but I am still unable to solve this issue. I'm running Typekit and FontAwesome (from CDN) and I get the following error

XMLHttpRequest cannot load http://resource.com/example/example. Origin http://mydomain.com is not allowed by Access-Control-Allow-Origin.

Now, the typekit font and fontawesome css stylesheet are loading perfectly fine, so I'm not sure why the error :\

I have already tried to setup CORS through .htaccess but even then I still get the error. Does anyone have a recommendation for this problem?

This is happening in both, my local and production server.

cballenar
  • 141
  • 2
  • 2
    In Firefox or all browsers? Firefox is REALLY weird about cross-domain font requests in ways that other browsers are not. It's very annoying. – Jeff Atwood Sep 05 '13 at 22:06
  • I'm actually using Chrome. I've tried disabling web security but it didn't make a difference. – cballenar Sep 21 '13 at 11:33

2 Answers2

2

Commonly you need to define CORS on your server if you want to allow ​3rd party URLs to load other assets. Just check the following configuration examples where you set the CORS header to allow everything (*). Just replace the * with the desired domain if you want to be restrictive.

Apache

<IfModule mod_headers.c>
    <FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
</IfModule>

Nginx

location ~ \.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$ {
    add_header Access-Control-Allow-Origin "*";
}
webperf
  • 51
  • 4
1

It seems to be a browser problem. Modern browsers blocks cross domain requests.

Try to use Google Chrome with args.

On Windows: --disable-web-security

On Mac: -disable-web-security

John Conde
  • 86,255
  • 27
  • 146
  • 241
Matteo Guarnerio
  • 134
  • 3
  • Hmmm, even with that I'm still seeing the error. I think I'll just ignore it for now. It seems to be an issue in their servers so maybe I need to get in touch with Typekit about it. Thanks! – cballenar Sep 21 '13 at 11:34