CORS not working

A

ActuallyZahid

New Member
#1
#1
Hello.
I have been using Cyberpanel for almost all of my sites. And everything is going absolutely fine.
But, recently I happened to find an issue.
That is, when I try to implement CDN for my sites, the fonts don’t load in any way.
For example, my site is http://www.thepetsmedia.com and I am using a subdomain cdn0.thepetsmedia.com as the CDN.
But whenever I enable CDN mapping and revisit my site, everything else loads just fine. But the fonts become broken and the icons get boxed.
I found out that it is a CORS problem when I looked at Inspect element=>Console=>
“Access to font at ‘https://cdn0.thepetsmedia.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?17’ from origin ‘https://www.thepetsmedia.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”
I have already tried adding the CORS header in the .htaccess file but no luck.
Can anyone please help me out here?
Thanks in advance.

P.S. I have already tried these but no luck.
https://openlitespeed.org/kb/how-to-set-up-custom-headers/
https://openlitespeed.org/kb/setting-up-cors-on-openlitespeed/
https://openlitespeed.org/mediawiki/index.php/Help:CORS_Setup
None of these seems to be working. And there are differences among the URI and Location.
If possible, would you please specify the URI and Location?
I am using multiple WordPress sites through CyberPanel and OpenLitespeed.
 
W

WildfireSky

New Member
#5
#5
Cold-Egg said:
Follow the doc, and it should work. https://docs.openlitespeed.org/security/headers/#support-more-cors-methods
如果没有,请分享配置和域名 URL 或响应标头。
Click to expand...
I didn't expect that the official staff would reply to my post with the idea of giving it a try。
1746601983863.png
then
1746602121800.png
the vHost Conf
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@gmail.com
enableGzip 1
enableIpGeo 1

errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}

accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}

index {
useServer 0
indexFiles index.php, index.html
}

scripthandler {
add lsapi:dwyzp5441 php
}

extprocessor cdn {
type proxy
address https://www.baidu.com/
maxConns 2000
pcKeepAliveTimeout 10000
initTimeout 60
retryTimeout 60
respBuffer 0
}

context /wp-content/ {
type proxy
handler cdn
addDefaultCharset off
addDefaultHeaders 1
header Cache-Control "public, max-age=31536000"
header Expires "max"
}

rewrite {
enable 1
autoLoadHtaccess 1
RewriteRule ^/(.*)$ https://cdn/$1 [P,L,E=Proxy-Host:www.baidu.com]
}

vhssl {
keyFile /etc/letsencrypt/live/001.baidu.com/privkey.pem
certFile /etc/letsencrypt/live/001.baidu.com/fullchain.pem
certChain 1
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}

module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
enableCache 1
checkPrivateCache 1
checkPublicCache 1
maxCacheObjSize 10000000
maxStaleAge 20000
qsCache 1
reqCookieCache 1
respCookieCache 1
ignoreReqCacheCtrl 1
ignoreRespCacheCtrl 0
enableCache 1
expireInSeconds 3600
}
But a cors error occurred at the source station。I have spent 2 days searching all the related posts on Google search engine and still can't solve this problem.

1746602334250.png
 
Cold-Egg

Cold-Egg

Administrator
#6
#6
The value you input to the web server is not valid, I'm not sure how you made it. The expected format would be IPv4/IPv6 address:)port) or web socket.
Second, the CORS header issue needs to be fixed from the origin server/site, which is Baidu instead of yours.

Something doable is to create a script like PHP to proxy baidu, fetch the data, and then return the result to the frontend.
 
You must log in or register to reply here.
Top