Hi folks,
As a precaution against CORS, I
add_header Access-Control-Allow-Origin *;
outside any location{} block in my server{} definition.
I have recently had a problem where I deliver .css via a CDN, and that
CDN references font files also on the CDN, and this was triggering CORS,
so the font wasn't loaded.
The solution was to also add that header to the location{} block that I
use to manage the relevant static resources.
This seems rather strange. Is it supposed to work this way?
Cheers,
Steve
--
Steve Holdoway BSc(Hons) MIITP
https://www.greengecko.co.nz/
Linkedin: https://www.linkedin.com/in/steveholdoway
Skype: sholdowa
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
