-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhtaccess
25 lines (21 loc) · 1.17 KB
/
htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# BEGIN deliver fonts to subdomains and cross domains for same origin strict browsers (Firefox and Internet Explorer)
<FilesMatch "\.(ttf|otf|eot|woff|svg|font.css)$">
<IfModule mod_headers.c>
# Code for subdomains-replace "domain" and "tld"
SetEnvIf Origin "^(.*\.domain\.tld)$" ORIGIN_SUB_DOMAIN=$1
Header add Access-Control-Allow-Origin "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
# Code for cross domains-replace "domain.tld"-add "|domain.tld" within (domain.tld) for each additional domain
SetEnvIf Origin "http(s)?://(www\.)?(domain.tld)$" AccessControlAllowOrigin=$0$1
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
# Allow for credentials
Header set Access-Control-Allow-Credentials true
</IfModule>
</FilesMatch>
# If above fails, uncomment the following five rows and comment all above rows for testing
# If this and/or above fails, likely the configuration for a proxy (e.g., Varnish) in front of Apache is stripping headers
#<FilesMatch "\.(ttf|otf|eot|woff|svg|font.css)$">
#<IfModule mod_headers.c>
#Header set Access-Control-Allow-Origin "*"
#</IfModule>
#</FilesMatch>
# END deliver fonts to subdomains and cross domains