
CORS with php (Wordpress)


The problem here seems to be that you previously had the fonts on the same domain as the WordPress installation. Now that fonts live on a different domain (and possibly different server), you need to set the Access-Control-Allow-Origin header on the server that is handling the fonts, not the one serving WordPress.

On Nginx it would be something like:

    location ~ \.(eot|ttf|otf|woff)$ {
        add_header Access-Control-Allow-Origin *;
    }

On Apache's .htaccess it will be exactly as you did above, but you should restrict this header to font files:

    AddType application/vnd.ms-fontobject .eot
    AddType application/x-font-ttf        .ttf
    AddType application/x-font-opentype   .otf
    AddType application/font-woff         .woff
    # Escape the dot and anchor at the end so only font file extensions match
    <FilesMatch "\.(eot|ttf|otf|woff)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>


I had the same problem, but with icons. My solution at the moment is this:

Depending on your host service you should have a .htaccess file (if it's an Apache server) in your root directory. With a WordPress installation its content is like this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    Header set Access-Control-Allow-Origin "*"
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

I added the line Header set Access-Control-Allow-Origin "*" and the CORS error was gone.


I faced the same issue today and was able to solve it by following this link: https://thoughtsandstuff.com/wordpress-rest-api-cors-issues/

Add this to your WordPress function.php file and you should be set!

    // Send CORS headers (and answer preflight requests) for the one trusted frontend.
    add_action('init', 'handle_preflight');
    function handle_preflight() {
        $origin = get_http_origin();
        if ($origin === 'https://yourfrontenddomain') {
            // The header value must be the full origin, including the scheme.
            header("Access-Control-Allow-Origin: https://yourfrontenddomain");
            header("Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE");
            header("Access-Control-Allow-Credentials: true");
            header('Access-Control-Allow-Headers: Origin, X-Requested-With, X-WP-Nonce, Content-Type, Accept, Authorization');
            if ('OPTIONS' == $_SERVER['REQUEST_METHOD']) {
                status_header(200);
                exit();
            }
        }
    }

    // Reject REST API requests whose Origin is not the trusted frontend.
    add_filter('rest_authentication_errors', 'rest_filter_incoming_connections');
    function rest_filter_incoming_connections($errors) {
        $origin = get_http_origin();
        if ($origin !== 'https://yourfrontenddomain') {
            return new WP_Error('forbidden_access', $origin, array(
                'status' => 403
            ));
        }
        return $errors;
    }
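
Added example, not part of any answer above or of the linked article: the same single-origin check generalized to an allowlist of several frontends, with the header decision kept in a pure function so it can be run outside WordPress. The constant `EXAMPLE_ALLOWED_ORIGINS`, both `example_*` function names and the origins themselves are hypothetical placeholders.

```php
<?php
// Added example: origins and function names are hypothetical placeholders.
const EXAMPLE_ALLOWED_ORIGINS = [
    'https://yourfrontenddomain',
    'https://staging.yourfrontenddomain',
];

// Return the CORS headers for a request's Origin, or [] if it is not allowed.
function example_cors_headers(?string $origin, array $allowed): array
{
    // Exact match on the full origin (scheme + host + port); prefix or
    // substring matching would also accept look-alike hosts.
    if ($origin === null || !in_array($origin, $allowed, true)) {
        return [];
    }
    return [
        // Echo the matched origin: browsers reject "*" on credentialed requests.
        'Access-Control-Allow-Origin'      => $origin,
        'Access-Control-Allow-Credentials' => 'true',
        'Access-Control-Allow-Methods'     => 'POST, GET, OPTIONS, PUT, DELETE',
        'Access-Control-Allow-Headers'     => 'Origin, X-Requested-With, X-WP-Nonce, Content-Type, Accept, Authorization',
        // The response now differs per origin, so shared caches must key on it.
        'Vary'                             => 'Origin',
    ];
}

function example_send_cors_headers(): void
{
    $headers = example_cors_headers($_SERVER['HTTP_ORIGIN'] ?? null, EXAMPLE_ALLOWED_ORIGINS);
    foreach ($headers as $name => $value) {
        // Append to Vary instead of replacing a value set elsewhere.
        header("$name: $value", $name !== 'Vary');
    }
    // Answer an allowed preflight directly; other requests continue normally.
    if ($headers && ($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
        status_header(200);
        exit();
    }
}

if (function_exists('add_action')) {
    add_action('init', 'example_send_cors_headers'); // running inside WordPress
} else {
    // Stand-alone run (php example.php) on constructed inputs.
    var_dump(example_cors_headers('https://yourfrontenddomain', EXAMPLE_ALLOWED_ORIGINS));
    var_dump(example_cors_headers('https://yourfrontenddomain.example.net', EXAMPLE_ALLOWED_ORIGINS));
}
```

Run stand-alone, the first call returns the header set and the second, a constructed look-alike host, returns an empty array, so no CORS headers are sent for it.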