Cross Domain Web Fonts

Published on August 16, 2013 by in Administration

0

This is a relatively simple workaround to the issue in Firefox that prevents cross domain sharing of web fonts. This isn’t a big deal for most people, but can be if you host several sites in dotCMS, or use a common shared host for assets that get used between many sites. The rationale is actually somewhat sound on their part, since not all web fonts are open licensed in a way that would permit their use outside of the host in question – of course, the same could technically hold true for any asset on a website, so it’s somewhat arbitrary that they enforce it here.

At any rate, the article above talks about an .htaccess or httpd.conf approach to solving the problem. Which is perfect – for Apache HTTP users. We don’t have that benefit in dotCMS since it’s running on Tomcat. But, we do have the URLRewriteFilter. Luckily, the addition of one simple rule can help solve this problem.

<rule>
  <name>Web Font Cross-Domain Handler</name>
  <note>This allows web fonts to be shared across hosts, primarily a cross-site security restriction in Firefox.</note>
  <condition type="request-url">\.(eot|ttf|otf|woff)$</condition>
  <set type="response-header" name="Access-Control-Allow-Origin">*</set>
</rule>

Some may note the omission of SVG in the condition field, which is on purpose on my part, since SVG isn’t solely used for the purpose of web fonts, and shouldn’t be caught by the same denial that prevents web fonts in Firefox. You could also likely make this rule more complex to allow the request to be made only by certain servers. Just add this rule to /conf/urlrewrite-ext.xml in your server’s configuration plugin and redeploy, or add it directly to /{SERVER_ROOT}/dotCMS/WEB-INF/urlrewrite.xml.

As with the standard Apache configuration approach, you should note that this is an “all or nothing” style fix. That means anyone could, in theory, hotlink your fonts. Hence the comment above about making the rule more restrictive if you need to (see the URLRewrite Filter Documentation on conditions).

No comments yet.

Leave a Reply