Cross domain font woes – part 2
July 4, 2012 § 1 Comment
A few months back we looked at issues related to showing custom fonts in firefox (see Cross domain font woes in Firefox). Since then we have also started hosting more and more sites on heroku where you have no control over nginx. Obviously this makes the previously proposed solution hard to implement…plus who can remember all of that config?
So we’ve released rack-access-control-headers to make things a whole lot easier! This is a simple bit of rack middleware that can be used in any rack app to set the appropriate headers. Getting started is easy:
1, Add the gem to your Gemfile (if using bundler):
3, Insert middleware, in config/application.rb (or specific environment file – example from rails):
config.middleware.insert_before 'ActionDispatch::Static', 'Rack::AccessControlHeaders', /assets/
Where /assets/ is a regex of the path you want to inject the headers.
N.b. including ahead of ActionDispatch::Static is important if you’re running rails.
By default the the allowed origin is set to “*”, if you want to lock this down, you can simply supply a second argument:
config.middleware.insert_before 'ActionDispatch::Static', 'Rack::AccessControlHeaders', /assets/, 'http://myawesomesite.com'
Simple as that!
One last thing to check is that your web server passes through the headers and that your CDN honors them.
Feel free to submit pull requests with any updates or improvements and I’d love to hear if you are using this.