How can we change the font cross policy?

Post Reply
sparkzara
Posts: 17
Joined: Mon Jun 07, 2021 9:15 am

hi,
i have a domain loading content from another sub-domain.
both are on same hosting.

now the fonts are not loading properly on main domain ( on sub-domain it works fine )
on main domain it shows strict-origin-when-cross-origin Referrer Policy

how do we update this to Access-Control-Allow-Origin

i tried adding following code to main domain nginx and subdomain nginx template.(reference from vestacp forum)

Code: Select all

location ~* ^.+\.(ttf|otf|webp|woff|woff2)$ {
	add_header Access-Control-Allow-Origin "*";
}
still see the same error (attached screenshots.)

Image
Image
User avatar
myVesta
Site Admin
Posts: 800
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 4 times
Been thanked: 5 times

did you run:

Code: Select all

v-rebuild-web-domains YOURUSER
after changing template?
sparkzara
Posts: 17
Joined: Mon Jun 07, 2021 9:15 am

yes tried, still no change.
any other location this need to be added?
myVesta wrote: Sat Feb 11, 2023 10:12 pm did you run:

Code: Select all

v-rebuild-web-domains YOURUSER
after changing template?
User avatar
myVesta
Site Admin
Posts: 800
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 4 times
Been thanked: 5 times

Then you added this nginx block to wrong line.

Long time ago I made similar template, and here is where I added it:

Code: Select all

server {
    listen      %ip%:%proxy_ssl_port% ssl http2;
    server_name %domain_idn% %alias_idn%;
    # ssl         on;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    location / {
        proxy_pass      https://%ip%:%web_ssl_port%;
        location ~* \.(svg)$ {
            root           %sdocroot%;
            add_header Access-Control-Allow-Origin *;
        }
        location ~* ^.+\.(%proxy_extentions%)$ {
            root           %sdocroot%;
            access_log     /var/log/%web_system%/domains/%domain%.log combined;
            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
            expires        max;
            # try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      https://%ip%:%web_ssl_port%;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    disable_symlinks if_not_owner from=%docroot%;

    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
}
My client requested CORS only for .svg files, but you can add more extensions, like:

Code: Select all

        location ~* \.(svg|jpg|png|css|js)$ {
            root           %sdocroot%;
            add_header Access-Control-Allow-Origin *;
        }
For .stpl use %sdocroot%
For .tpl use %docroot%
Post Reply