使用PHP的CORS(Wordpress) [英] CORS with php (Wordpress)
问题描述
我已经用Wordpress重新启动了我的网站。
不幸的是,Chrome,Firefox和IE都没有显示几种字体。我收到以下错误:
I have relaunched my website with Wordpress. Unfortunately, a couple of fonts are not being displayed neither in Chrome nor Firefox nor IE. I get the following error:
从来源 http://w8qb4xj6s.homepage.t-online.de '已被CORS
政策阻止:否
请求的资源上存在 Access-Control-Allow-Origin标头。来源' http://www.obstgut-auf-der-heide.de '是
,因此不允许访问。
Access to Font at 'MY WORDPRESS FONTS URL' from origin 'http://w8qb4xj6s.homepage.t-online.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.obstgut-auf-der-heide.de' is therefore not allowed access.
这可能是因为我已经在子目录中安装了Wordpress,但是然后通过将index.php复制到根目录来移动它的根目录(我希望在请求主页URL时显示新网站)。
This is probably because I've installed Wordpress in a subdirectory, but then "moved" it so the root by copying the index.php to the root (I want the new website to be displayed when requesting the home URL).
为了修复丢失的字体,我尝试将以下代码之一添加到header.php和wp-blog-header.php:
In order to fix the missing fonts, I've tried adding either of the following code to header.php and wp-blog-header.php:
header("Access-Control-Allow-Origin: *");
或
or
Header set Access-Control-Allow-Origin: *
Header set Access-Control-Allow-Headers: Content-Type, Depth,
User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-
Name, Cache-Control
Header set Access-Control-Allow-Credentials: true
Header set Access-Control-Allow-Methods: OPTIONS, GET, POST
或
or
var invocation = new XMLHttpRequest();
var url = 'http://www.obstgut-auf-der-heide.de/';
function callOtherDomain(){
if(invocation) {
invocation.open('GET', url, true);
invocation.withCredentials = true;
invocation.onreadystatechange = handler;
invocation.send();
}
}
我还用home-URL替换了 *。没事。我对这件事很陌生,对php和其他东西也不了解。但是也许你们当中有人知道我还能尝试解决什么?我将非常感谢!!!!
I've also replaced the "*" by the home-URL. Nothing worked. I'm very new to this whole matter and don't know much about php and stuff. But maybe one of you have any idea what else I could try to fix this?? I'd be super grateful!!!!
谢谢Elena
推荐答案
这里的问题似乎是您以前将字体与WordPress安装位于同一域中。现在,字体位于不同的域(可能还有不同的服务器)上,您需要在处理字体的服务器上设置 Access-Control-Allow-Origin
标头,
The problem here seems to be that you previously had the fonts on the same domain as the WordPress installation. Now that fonts live on a different domain (and possibly different server), you need to set the Access-Control-Allow-Origin
header on the server that is handling the fonts, not the one serving WordPress.
在Nginx上是这样的:
On Nginx it would be something like:
location ~ \.(eot|ttf|otf|woff)$ {
add_header Access-Control-Allow-Origin *;
}
在Apache的 .htaccess上
与上面的操作完全相同,但是您应该将此标头限制为字体文件:
On Apache's .htaccess
it will be exactly as you did above, but you should restrict this header to font files:
AddType application/vnd.ms-fontobject .eot
AddType application/x-font-ttf .ttf
AddType application/x-font-opentype .otf
AddType application/font-woff .woff
<FilesMatch ".(eot|ttf|otf|woff)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
这篇关于使用PHP的CORS(Wordpress)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!