add_header

steve steve at greengecko.co.nz
Wed Jun 21 19:48:44 UTC 2017


Hi folks,

As a precaution against CORS, I

     add_header Access-Control-Allow-Origin *;

outside any location{} block in my server{} definition.

I have recently had a problem where I deliver .css via a CDN, and that 
CDN references font files also on the CDN, and this was triggering CORS, 
so the font wasn't loaded.

The solution was to also add that header to the location{} block that I 
use to manage the relevant static resources.

This seems rather strange. Is it supposed to work this way?

Cheers,

Steve

-- 
Steve Holdoway BSc(Hons) MIITP
https://www.greengecko.co.nz/
Linkedin: https://www.linkedin.com/in/steveholdoway
Skype: sholdowa



More information about the nginx mailing list