Help wtih CORS configuration...
March 14, 2018 09:26AM
Hi everybody...

I have this configuration applied to my server

in domain.nginx.conf file

location ~* \.(eot|otf|ttf|woff|woff2)$ {
add_header Access-Control-Allow-Origin *;
}

location / {
include /home/domain/conf/web/cors.conf;
try_files $uri $uri/ /index.php?$args;

if (!-e $request_filename)
{
rewrite ^(.+)$ /index.php?q=$1 last;
}

location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}

include /home/domain/web/domain.com/public_html/nginx.conf;
}


and the file cors.conf have this

if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}


I am using a wordpress with a especial configuration for admin area...

I have the principal domain with domain.com and www.domain.com and the admin area are with edicion.domain.com/wp-admin, and the site is function perfect (previusly I was installed in a apache server but now I am using nginx for perfomance)

but now in nginx I receive some error for some font resources like this

Access to Font at 'http://edicion.domaincom/nagos2015/wp-content/themes/motors/assets/fonts/service-fonts/stm-service-default.ttf?vcgqsx' from origin 'http://www.domain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.domain.com' is therefore not allowed access.

and this is affecting the visual aspect of my site...

could you help me with this config...

maybe I am wrong with something....


tks....
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 340
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready