Qiniu Cloud Storage - Qiniu+Nginx+icon font=No 'Access-Control-Allow-Origin' header error?
给我你的怀抱
给我你的怀抱 2017-05-16 17:25:15
0
2
1349
Font from origin 'http://img.***.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://***.com' is therefore not allowed access. The response had HTTP status code 403. (index):1
GET http://img.***.com/wp-content/themes/someone-v2/fonts/fontawesome-webfont.woff 

Already loaded

    location ~* \.(eot|otf|ttf|woff|svg)$ {
        add_header Access-Control-Allow-Origin *;
    }

font-awesome.min.css:

@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot');src:url('../fonts/fontawesome-webfont.eot') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff') format('woff'),url('../fonts/fontawesome-webfont.ttf') format('truetype'),url('../fonts/fontawesome-webfont.svg') format('svg');font-weight:normal;font-style:normal}

The browser can access the icon font, and the page prompts 403

How to break this?

给我你的怀抱
给我你的怀抱

reply all(2)
大家讲道理

This is because you have set up anti-hotlinking in Qiniu’s space, but the domain name for accessing the css file is not set in the anti-hotlinking function. As a result, the referer of the image accessed from the css file is the domain name of css, which is not in the whitelist of anti-hotlinking. , so it is 403 forbidden.

左手右手慢动作

Visual inspection also requires the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template