CORS headers in WordPress

1 Views

I’m having some difficulty with CORS headers not giving me access to fonts in my WordPress site.

This is the error I get in the console:

Read More

*

Cross-Origin Request Blocked: The Same Origin Policy disallows reading
the remote resource at
http://fonts.gstatic.com/s/raleway/v10/0dTEPzkLWceF7z0koJaX1A.woff2.
(Reason: CORS header ‘Access-Control-Allow-Origin’ missing)

.*

I’ve tried the following but to no avail:

  • Amending my htaccess. file. Here it is:

    Switch rewrite engine off in case this was installed under HostPay.

    RewriteEngine Off

    AddHandler application/x-httpd-php53 .php .php5

    DirectoryIndex index.cgi index.php

    BEGIN WordPress

    RewriteEngine On
    Header set Access-Control-Allow-Origin “
    Header add Access-Control-Allow-Headers “origin, x-requested-with, content-type”
    Header add Access-Control-Allow-Methods “PUT, GET, POST, DELETE, OPTIONS”

    Header set Access-Control-Allow-Origin “

    RewriteBase /
    RewriteRule ^index.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    END WordPress

    • Downloading the WP-CORS plugin, which seems to be what I need but the bloody ‘Settings’ tab doesn’t appear!

    • Adding some php into the top of my header.php file, but that doesn’t seem to do anything either.

The sit eis hosted on 123-reg so I don’t have access to Apache, so sudo a2enmod headers isn’t an option either.

Any help would be really appreciated

Post Views: 1

Related posts

1 comment

  1. The server that serves the file gets to chose who gets to request the file. The file you’re attempting to request is on Google’s server as KIMB-technologies said.

    You cannot set CORS for someone else’s server. That just wouldn’t be nice.

    You can read more about CORS from Mozilla over here.

Comments are closed.