试图执行以下内容:
RewriteRule \.ttf$ - [E=cors:1] Header set Access-Control-Allow-Origin "*.example.com" env=cors:1 Header set Access-Control-Allow-Origin "*.sadface.com" env=!cors:1 然后请求:
$ curl -I http://www.example.com/font.ttf ... Access-Control-Allow-Origin: *.sadface.com
UPDATE
感谢Jenny D,我发现其他地方的重写规则是做一个本地redirect到index.php,所以我修改了以下内容:
# Set CORS domain for fonts. RewriteCond %{QUERY_STRING} \.ttf RewriteRule ^(.*)$ $1 [E=cors:1] Header set Access-Control-Allow-Origin "*.example.com" env=cors:1 Header set Access-Control-Allow-Origin "*.sadface.com" env=!cors:1
这提供了以下日志条目:
RewriteCond: input='q=font.ttf' pattern='\\.ttf' => matched
尽pipe如此,我仍然获得Access-Control-Allow-Origin: *.sadface.com
更新2:
看起来像env=cors:1是不是在做我所期望的, env=cors:1以下修正了这个问题:
Header set Access-Control-Allow-Origin "*.example.com" env=cors
由于是Drupal站点,所有非文件/目录请求都被redirect到index.php?q=$1 。 我反而需要评估查询string,如下所示:
# Set CORS domain for fonts. RewriteCond %{QUERY_STRING} \.ttf RewriteRule ^(.*)$ $1 [E=cors:1] Header set Access-Control-Allow-Origin "*.example.com" env=cors