How can we change the font cross policy?

[sparkzara]

hi,
i have a domain loading content from another sub-domain.
both are on same hosting.

now the fonts are not loading properly on main domain ( on sub-domain it works fine )
on main domain it shows strict-origin-when-cross-origin Referrer Policy

how do we update this to Access-Control-Allow-Origin

i tried adding following code to main domain nginx and subdomain nginx template.(reference from vestacp forum)

Code: Select all

location ~* ^.+\.(ttf|otf|webp|woff|woff2)$ {
	add_header Access-Control-Allow-Origin "*";
}

still see the same error (attached screenshots.)

[myVesta]

did you run:

Code: Select all

v-rebuild-web-domains YOURUSER

after changing template?

[sparkzara]

yes tried, still no change.
any other location this need to be added?

did you run:

Code: Select all

v-rebuild-web-domains YOURUSER

after changing template?

[myVesta]

Then you added this nginx block to wrong line.

Long time ago I made similar template, and here is where I added it:

Code: Select all

server {
    listen      %ip%:%proxy_ssl_port% ssl http2;
    server_name %domain_idn% %alias_idn%;
    # ssl         on;
    ssl_certificate      %ssl_pem%;
    ssl_certificate_key  %ssl_key%;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    location / {
        proxy_pass      https://%ip%:%web_ssl_port%;
        location ~* \.(svg)$ {
            root           %sdocroot%;
            add_header Access-Control-Allow-Origin *;
        }
        location ~* ^.+\.(%proxy_extentions%)$ {
            root           %sdocroot%;
            access_log     /var/log/%web_system%/domains/%domain%.log combined;
            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
            expires        max;
            # try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      https://%ip%:%web_ssl_port%;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    disable_symlinks if_not_owner from=%docroot%;

    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
}

My client requested CORS only for .svg files, but you can add more extensions, like:

Code: Select all

        location ~* \.(svg|jpg|png|css|js)$ {
            root           %sdocroot%;
            add_header Access-Control-Allow-Origin *;
        }

For .stpl use %sdocroot%
For .tpl use %docroot%

[sparkzara]

Thanks, that fixed it for me.

[sparkzara]

hi,
i found another issue,
whenever there is rebuild web, again ttf extension gives cors error.

on checking further i found,
%proxy_extentions% is adding ttf again at 2nd location on new conf files.
manually removing ttf extension from 2nd location on domain.nginx.ssl.conf removes error. but i do have lot of domains to do that manually.

where should i modify the values of proxy_extensions ?
so it reflects on all domains conf files globally after rebuild.

Thanks.

[myVesta]

hi,
i found another issue,
whenever there is rebuild web, again ttf extension gives cors error.

on checking further i found,
%proxy_extentions% is adding ttf again at 2nd location on new conf files.
manually removing ttf extension from 2nd location on domain.nginx.ssl.conf removes error. but i do have lot of domains to do that manually.

where should i modify the values of proxy_extensions ?
so it reflects on all domains conf files globally after rebuild.

Thanks.

You must change it from hosting panel.

WEB -> yourdomain -> EDIT -> Proxy extensions

Screenshot_102.png (64.59 KiB)

[sparkzara]

Thank you. that solved my issue.