|Jun 18, 2010, 06:39 AM||#1|
Firefox won't load @font-face from another domain
This is less a question than a note for reference, in hopes that if someone else searches for the same problem I just spent an hour and a half banging my head against, they'll find it. Someone else has no doubt documented it somewhere, but my Googling completely failed to help.
Upshot is I had a nice, simple @font-face implementation working well.
Then, along the line somewhere, I decided to move the font files to my media subdomain; as per some Yahoo recommendations, the media subdomain is at a different domain, so that cookies set for the main site content don't get fed along with all the requests to the media domain, since they're of no use there. Yes, it's a vanishingly small speed increase, but why not.
Well, when I went to do final verification, all my @font-face rules had stopped working in Firefox (and Opera, I'm assuming for the same reason, though I haven't tested yet). Safari and IE both fine. Huh?
A ridiculous number of experiments later and I finally figured out it has to do with the new implementation of HTTP access control.
Upshot, as much as I can be bothered to read at 4:30am after an hour and a half of frustration, is that FF3.5 institutes some new HTTP header stuff wherein resources from a different domain will only be loaded if the HTTP headers specifically allow that particular cross-domain pairing.
One of its intended effects, listed right at the top of the document, it to only allow font resources to be loaded from sites with explicit permission to do so.
Which, being that it is not (so far as I've found) particularly widely documented, means that if you try to load a font from a domain other than the requesting one, it won't work, for no apparent reason whatsoever, and there are no errors reported in the FF console that I could find. Setting up the HTTP headers correctly is one workaround; the other is just sticking the fonts on the same domain.
MAN that was frustrating. I'm sure there's a very legitimate and valid reason for doing this, but I suddenly hate FireFox so much more than I did yesterday. I'm sure it'll pass.
|Jun 18, 2010, 07:04 AM||#2|
Nice find. This is one of the issues with working with the latest and greatest techniques. Always harder to find solutions.
I'm sure the reasoning for doing this (Firefox) was a security one. A List Apart's latest article was about web fonts and the new stuff coming out. It talks about licensing issues and protecting fonts. While this cross-domain block would not stop people from stealing a font, it would keep others from hot-linking the fonts. It could also give a way to block a potential attack vector if a vulnerability is found.
|Jun 18, 2010, 03:47 PM||#3|
Given the existing means of anti-hotlink protection available, it seems a little like overkill to add another layer of complexity to something one would sort of expect to be a straightforward process, but then I'm neither a security nor rights-management expert.
|Oct 27, 2010, 02:06 PM||#4|
For anyone else that finds this via Google search, here's the quick fix using an .htaccess file and the mod_headers module. No idea if the mod_headers is a fairly standard module, or if I just got lucky on my server :-p
Create and upload a file named .htaccess to the directory containing your fonts, with the following contents:
<Files ~ "\.(ttf|woff)$"> Header add Access-Control-Allow-Origin "*" </Files>
If this fix won't work for you, try going the PHP route to add headers. I could write up something if someone needs, but it just gets messy. This is the clean/preferred solution afaik.
|Thread Tools||Search this Thread|
|thread||Thread Starter||Forum||Replies||Last Post|
|Mac will not load one specific internet domain||roztokino||OS X||11||Nov 5, 2012 09:34 PM|
|Firefox, addon download fails to load||passion4audio||Mac Basics and Help||0||Nov 1, 2012 02:31 PM|
|Website Load Problem w/ Firefox OS X||kbxx||Web Design and Development||4||Oct 5, 2012 09:16 PM|
|Imacro to load two firefox windows||Dal123||Web Design and Development||0||Jul 22, 2012 03:18 PM|
|Unable to load weB pages by domain. Any suggestions?||ealpin||MacBook||1||Jun 17, 2012 02:47 AM|
All times are GMT -5. The time now is 07:30 AM.