CORS 标头在 CURL 中设置正确,但从浏览器加载页面时未设置

tag-icon tag-icon apache-2.2 wordpress cors
CORS 标头在 CURL 中设置正确,但从浏览器加载页面时未设置

我有一个使用 font-awesome 的网站,我想使用 cloudfront 作为 CDN(我的网站在 apache 上运行)。我已在此网站的 conf 文件中启用了 cors。

这是我的站点的配置文件:

<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName spotlessmommy.com
    ServerAlias www.spotlessmommy.com

    DocumentRoot /var/www/spotlessmommy
    <Directory />
            Options FollowSymLinks
            AllowOverride None
    </Directory>
    <Directory /var/www/spotlessmommy>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride ALL
            Order allow,deny
            allow from all

            Header set Access-Control-Max-Age "1000"
            Header set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
            Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"

            <FilesMatch ".(eot|ttf|otf|woff)">
                    Header set Access-Control-Allow-Origin "*"
            </FilesMatch>

    </Directory>

当我尝试使用 curl 时,我得到了正确的标头 -

E:\Software Files\curl>curl -I spotlessmommy.com/wp-content/themes/sociallyviral
/fonts/fontawesome-webfont.ttf
HTTP/1.1 200 OK
Date: Tue, 08 Sep 2015 01:04:00 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 29 May 2015 19:46:10 GMT
ETag: "228fc-5173dba530480"
Accept-Ranges: bytes
Content-Length: 141564
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorizat
ion, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Vary: User-Agent
Access-Control-Allow-Origin: *


E:\Software Files\curl>curl -I spotlessmommy.com
HTTP/1.1 200 OK
Date: Tue, 08 Sep 2015 01:04:03 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.11
X-Pingback: http://spotlessmommy.com/xmlrpc.php
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorizat
ion, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Vary: User-Agent
Content-Type: text/html; charset=UTF-8

但在浏览器中,我仍然收到字体文件的跨域错误。该网站是 www.spotlessmommy.com(如果您加载该网站,您会看到社交媒体图标只是空框)

Font from origin 'http://d13wghwkc7ps4m.cloudfront.net' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://spotlessmommy.com' is therefore not allowed access.

还有什么想法我应该尝试吗?过去 14 个小时里我一直在努力解决这个问题 :(

答案1

没关系。这是由于 CDN 缓存延迟造成的。24 小时后,现在就可以正常工作了。

相关内容