I'm trying to use the glyphicons provided by Bootstrap 3.3.6 but Chrome is blocking the access to them with this error message:
Font from origin 'http://[::1]' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.
This is my .htaccess:
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
What am I doing wrong? Am I editing the wrong .htaccess?
I also tried adding header("Access-Control-Allow-Origin: *"); at the beginning of my header.php file but that didn't work either. I'm out of ideas.
The folder structure is like this:
application
controller
model
view
header.php
index.php
footer.php
.htaccess
system
assets
css
fonts
images
js
I found the issue: I didn't set the base_url in the config.php from CodeIgniter. After setting it everything works.
You need to add the base URL to your configuration file:
$config['base_url'] ='http://www.urlname.com';
We can set this way so we can move any server no need to change try this one.
$config['base_url'] = 'http://'.$_SERVER['HTTP_HOST'].'/';
Allowing cross-site scripting may cause security issues, try to adjust your codeigniter options;
1.) Go to application/config/config.php file,
2.) find $config['base_url'] = ""; and
3.) place your project folder's path as value. $config['base_url']="http://localhost/yourProjectFolder/";
Related
I am testing rest api in SugarCRM. In order to use crm rest api, I added :
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
to .htaccess file and rebuilt .htaccess File. However, it did not give me solution. I am still getting error message with the following content:
XMLHttpRequest cannot load http://test.crm.loc/custom/clients/base/api/get_account.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
How can I fix it?
I found the answer. I put following code to the top of rest api code file:
header('Access-Control-Allow-Origin: *');
It worked for me.
And not understand how fix this problem, web server - apache...
for example:
link.com - all good
sub.link.com - not good, in console error
Font from origin 'link.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'sub.link.com' is therefore not allowed access.
i tried add in .htaccess
<IfModule mod_headers.c>
<FilesMatch "\.(svg|ttf|otf|eot|woff|woff2|css)$">
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Credentials true
</FilesMatch>
</IfModule>
after this remove and add this
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
and without .htaccess, I tried add in index.php
header("Access-Control-Allow-Origin: *");
BUT NOT WORKING! I think this problem due to because CSS fots files use like
...
src:url('icons/fonts/journal-icons.eot');
src:url('icons/fonts/journal-icons.eot?#iefix') format('embedded-opentype'),
...
but I do not understand what I need to do to fix this problem??? (It looked similar questions but did not help)
There's a very clear error message in the Chrome javascript console:
Font from origin 'http://www.mss.partneris.net' has been blocked from loading
by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin'
header is present on the requested resource. Origin
'http://www.test.mss.partneris.net' is therefore not allowed access.
Add:
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
to your apache configuration for http://www.mss.partneris.net domain, restart apache, and go to http://www.mss.partneris.net/catalog/view/theme/journal2/css/icons/fonts/journal-icons.woff in your browser or using curl, and see that it has Access-Control-Allow-Origin: * response header. When it does, try again in the browser, and hopefully it will all work well.
I'm developing an app with php and html5 and I want to access some data from my remote server via ajax. I read from the web and learnt I had to include .htaccess at the root level of my remote server which I've done that but when I try to access from info it gives me this error:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 404.
I'm using chrome for debugging the app.
This is how my files look:
.htaccess
# <IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
# </IfModule>
ajax
$(document).ready(function () {
$('#read').load('http://mywebsite/appsfolder/sample.php');
});
As Samurai8 mentioned in a comment, uncomment (that is, remove the '#' from the beginning of each line) the part of your .htaccess file that you posted. Your server will only send the header when that block is uncommented.
I have a php application that directs all urls that don't point to a static file to index.php (configured in .htaccess)
I added the following configuration to add a header to all requests in my .htaccess file, but the header is only applied to urls that go to static files.
Header set Access-Control-Allow-Origin *
What could prevent the header from being applied to index.php?
So the problem was that the mod_header module wasn't working with php fastcgi. It started working after switching to mod_php.
I have come across an error when trying to access my site with http://www.example.com instead of http://eample.com. My font icons will not load. So when searching for the solution to this I came across
the following solution which was adding the below code to a .htaccess file on the server.
<FilesMatch "\.(svg|ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "http://example.com, http://www.example.com"
</IfModule>
This managed to fix the problem but for Chrome only. How can i fix the issue for all browsers.
Thank you
Try using:
href="/css/font-awesome.min.css"
This will be relative to the domain they visitor is on, so if they connect to either http:// or http://www the fonts will load and there won't be a cross domain error