Apache-2.2

CORS 標頭在 CURL 中正確設置,但在從瀏覽器載入頁面時未設置

  • September 8, 2015

我有一個使用 font-awesome 的網站,我想使用 cloudfront 作為 CDN(我的網站在 apache 上執行)。我已經在這個站點的 conf 文件中啟用了 cors。

這是我網站的 conf 文件:

<VirtualHost *:80>
   ServerAdmin ajaydarez@gmail.com
   ServerName spotlessmommy.com
   ServerAlias www.spotlessmommy.com

   DocumentRoot /var/www/spotlessmommy
   <Directory />
           Options FollowSymLinks
           AllowOverride None
   </Directory>
   <Directory /var/www/spotlessmommy>
           Options Indexes FollowSymLinks MultiViews
           AllowOverride ALL
           Order allow,deny
           allow from all

           Header set Access-Control-Max-Age "1000"
           Header set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
           Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"

           <FilesMatch ".(eot|ttf|otf|woff)">
                   Header set Access-Control-Allow-Origin "*"
           </FilesMatch>

   </Directory>

當我嘗試使用 curl 時,我得到了正確的標題 -

E:\Software Files\curl>curl -I spotlessmommy.com/wp-content/themes/sociallyviral
/fonts/fontawesome-webfont.ttf
HTTP/1.1 200 OK
Date: Tue, 08 Sep 2015 01:04:00 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 29 May 2015 19:46:10 GMT
ETag: "228fc-5173dba530480"
Accept-Ranges: bytes
Content-Length: 141564
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorizat
ion, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Vary: User-Agent
Access-Control-Allow-Origin: *


E:\Software Files\curl>curl -I spotlessmommy.com
HTTP/1.1 200 OK
Date: Tue, 08 Sep 2015 01:04:03 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.11
X-Pingback: http://spotlessmommy.com/xmlrpc.php
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorizat
ion, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Vary: User-Agent
Content-Type: text/html; charset=UTF-8

但是在瀏覽器中,我仍然收到字型檔的跨域錯誤。該網站是 www.spotlessmommy.com(如果您載入該網站,您會看到社交媒體圖示只是空框)

Font from origin 'http://d13wghwkc7ps4m.cloudfront.net' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://spotlessmommy.com' is therefore not allowed access.

知道我還應該嘗試什麼嗎?在過去的 14 小時裡一直在為此苦苦掙扎:(

沒關係。這是由於 CDN 記憶體的延遲。24 小時後,它現在可以正常工作了。

引用自:https://serverfault.com/questions/720757