Enable CORS

[zhangshine]

firefox 下无法加载webfont

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://apps.bdimg.com/libs/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff. This can be fixed by moving the resource to the same domain or enabling CORS. 

downloadable font: download failed (font-family: "Glyphicons Halflings" style:normal weight:normal stretch:normal src index:1): bad URI or cross-site access not allowed

source: http://apps.bdimg.com/libs/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff

[huang-xin]

how?

[zhangshine]

不知道你们用什么服务器, nginx的 http://stackoverflow.com/a/17273542

[huang-xin]

我是想知道你是用的什么方法引用的静态资源

[zhangshine]

Firefox下

<!DOCTYPE html>
<html>
<head>
    <title>Test</title>
    <link rel="stylesheet" href="http://apps.bdimg.com/libs/bootstrap/3.2.0/css/bootstrap.min.css">
</head>
<body>
    <span class="glyphicon glyphicon-star"></span>
</body>
</html>

[huang-xin]

多谢，我们马上解决。

[huang-xin]

fixed

[zhangshine]

还是有同样的问题，返回的header里面并没有Access-Control-Allow-Origin: * ，只好暂时用staticfile.org了

[huang-xin]

Access-Control-Allow-Method:GET
Access-Control-Allow-Origin:*
确认已经加上了

[zhangshine]

只有eot文件加上了,ttf和woff都没有, IE用eot, firfox用woff

[huang-xin]

location ~* \.(ttf|ttc|otf|eot|woff)$ {
    add_header  Access-Control-Allow-Origin "*";
    add_header  Access-Control-Allow-Method "GET";
}

Chrome, FireFox下测试woff也是ok的，麻烦看看你那是否有缓存或者反向代理了。

[zhangshine]

第一张图是我本地(上海)请求的header, 第二张是从美国的一个vps上请求的header, 都是3.1.1版本的加上了, 3.2版本的没有. 不纠结了, 能用就好了.