django - Firefox WebFont 403 Despite S3 CORS Rules -


I'm trying to host and serve webfonts (specifically, FontAwesome) for a Django project on Heroku using AWS S3, and I'm having difficulty overcoming the dreaded Firefox cross-domain font-loading issue. I've tried the documented, accepted solutions, and none of them are working for me.

The recommended solution I keep seeing is to edit the CORS config on the S3 bucket:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>https://myapp.herokuapp.com</AllowedOrigin>
        <AllowedOrigin>https://www.myapp.herokuapp.com</AllowedOrigin>
        <AllowedOrigin>https://myapp.com</AllowedOrigin>
        <AllowedOrigin>https://www.myapp.com</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

I've tried different variations of these settings, and Firefox is still giving me an HTTP 403 Forbidden from https://www.myapp.com:

request url: https://my_bucket.s3.amazonaws.com/css/fontawesome-webfont-webfont.ttf
request method:
status code: http/1.1 403 forbidden

With the HTTP request I'm getting "access-control-allow-credentials:true" in the response headers.

Is there a CORS rule I need to declare for Firefox to accept fonts from S3? When I curl Font Awesome I don't get/see anything helpful for troubleshooting this:

> https://s3.amazonaws.com/my_bucket/font/fontawesome-webfont.eot
* connect() s3.amazonaws.com port 443 (#0)
*   trying xxx.xx.xx.xxxx... connected
* connected s3.amazonaws.com (xxx.xx.xx.xxx) port 443 (#0)
* sslv3, tls handshake, client hello (1):
* sslv3, tls handshake, server hello (2):
* sslv3, tls handshake, cert (11):
* sslv3, tls handshake, server finished (14):
* sslv3, tls handshake, client key exchange (16):
* sslv3, tls change cipher, client hello (1):
* sslv3, tls handshake, finished (20):
* sslv3, tls change cipher, client hello (1):
* sslv3, tls handshake, finished (20):
* ssl connection using des-cbc3-sha
* server certificate:
*       subject: c=us; st=washington; l=seattle; o=amazon.com inc.; cn=s3.amazonaws.com
*       start date: 2010-10-08 00:00:00 gmt
*       expire date: 2013-10-07 23:59:59 gmt
*          common name: s3.amazonaws.com (matched)
*       issuer: c=us; o=verisign, inc.; ou=verisign trust network; ou=terms of use @ https://www.verisign.com/rpa (c)09; cn=verisign class 3 secure server ca - g2
*       ssl certificate verify ok.
> /my_bucket/font/fontawesome-webfont.eot http/1.1
> user-agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 openssl/0.9.8r zlib/1.2.5
> host: s3.amazonaws.com
> accept: */*
> origin: https://www.myapp.com
>
< http/1.1 200 ok
< x-amz-id-2: xxmcwhqmstgmmmaqnsht/+ro7aluqsryz5wtasemkm5cpave+nkbqcud8ykiiide
< x-amz-request-id: 90ff2c1c85254815
< date: mon, 22 jul 2013 01:54:53 gmt
< access-control-allow-origin: https://www.myapp.com
< access-control-allow-methods:
< access-control-max-age: 3000
< access-control-allow-credentials: true
< vary: origin, access-control-request-headers, access-control-request-method
< last-modified: mon, 22 jul 2013 01:44:31 gmt
< etag: "455808250694e5760bd92b3ce1f070b6"
< accept-ranges: bytes
< content-type: application/octet-stream
< content-length: 25395
< server: amazons3
<
3cob?lp&?s~fontawesomeregular"version 1.00 2012&fontawesome regularbsgpÉ´bgbkv?????y?d

Is there a way to set Access-Control-Allow-Origin that might work?

If you are restricting access to specific HTTP referrers in your bucket policy, add the bucket URL to the referer list. For example:

"Condition": {
    "StringLike": {
        "aws:Referer": [
            "http://my_bucket.s3.amazonaws.com/*",
            "https://my_bucket.s3.amazonaws.com/*",
            "http://www.example.com/*",
            "https://www.example.com/*"
        ]
    }
}

Check the response headers in Firefox. It turns out the referer for the font is the CSS file, which is hosted on the S3 bucket, not on your domain.
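
The check described in the answer above, as an added example that is not part of the original post: a simplified Python model of how a StringLike condition on aws:Referer is matched, run against the Referer a browser sends for a font referenced from a stylesheet on the bucket. The CSS path, the sample policies and the helper names are assumptions; only the * and ? wildcards are modelled.

```python
import re

def stringlike_to_regex(pattern):
    """Translate a StringLike pattern (* = any run, ? = one char) into a regex."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))  # dots and slashes match literally
    return re.compile("".join(parts), re.DOTALL)

def referer_allowed(condition, referer):
    """True if the Referer header satisfies the StringLike aws:Referer condition."""
    if referer is None:
        return False  # header absent: a plain StringLike condition does not match
    patterns = condition["StringLike"]["aws:Referer"]
    return any(stringlike_to_regex(p).fullmatch(referer) for p in patterns)

# Constructed sample policies: the site-only list, then the list from the answer.
SITE_ONLY = {"StringLike": {"aws:Referer": [
    "http://www.example.com/*",
    "https://www.example.com/*",
]}}
WITH_BUCKET = {"StringLike": {"aws:Referer": [
    "http://my_bucket.s3.amazonaws.com/*",
    "https://my_bucket.s3.amazonaws.com/*",
    "http://www.example.com/*",
    "https://www.example.com/*",
]}}

# Constructed sample requests. The stylesheet is fetched by the page, so its
# Referer is the page URL; the font is fetched by the stylesheet, so its
# Referer is the stylesheet URL on the bucket (hypothetical path).
PAGE_REFERER = "https://www.example.com/index.html"
CSS_REFERER = "https://my_bucket.s3.amazonaws.com/css/font-awesome.css"

def evaluate(condition):
    """Return which of the two requests the condition would let through."""
    return {"stylesheet": referer_allowed(condition, PAGE_REFERER),
            "font": referer_allowed(condition, CSS_REFERER)}

if __name__ == "__main__":
    print("site only  :", evaluate(SITE_ONLY))
    print("with bucket:", evaluate(WITH_BUCKET))
```

The Referer header is supplied by the client, so a condition like this limits hotlinking; it does not authenticate the caller.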

