Font-awesome: Access-Control-Allow-Origin headers missing

Taking a look now.

You all may already be aware of this, but I am getting errors on every site where we are loading FontAwesome from the CDN:

Font from origin 'https://use.fontawesome.com' has been blocked from loading by Cross-Origin Resource Sharing policy: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin '[our-URL]' is therefore not allowed access.

The request to load https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js is returning this in the Response header:

access-control-allow-origin:*, *

In fact, the access-control-allow-origin header is doubled, which is wrong:

access-control-allow-methods:GET
access-control-allow-origin:*
access-control-allow-origin:*
...other headers follow...

Every single site sourcing from fa-cdn is in trouble now. :(

The ones serving fa from local assets are safe.

I rolled back a change and it should be showing again. Sorry for this. Will have to solve a CORS issue a different way.

On June 2, 2016 at 10:20:25 AM, Deny Dias ([email protected]) wrote:

In fact, the access-control-allow-origin header is doubled, which is wrong:

access-control-allow-methods:GET
access-control-allow-origin:*
access-control-allow-origin:*
...other headers follow...
Every single site using fa-cdn is in trouble now. :(

The ones serving fa from local assets are safe.

—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub, or mute the thread.

@supercodepoet, thanks for the quick action.

Yeah, CORS is a tricky land...

Is there any resolution with regards to this. I'm going to host the assets on our server but it's frustrating as a pro user that I can't stay up to date with the newest version.

@chadcodes this should not be related to the Font Awesome Pro repository, it is related to the old fort awesome CDN

If you have any CORS issue with FA Pro, please open a new issue by filling out our bug report template