HTML and CSS Reference
In-Depth Information
tp://example.com to use an img element with an src attribute pointing to an im-
age on your server http://foo.com/image.jpg , you can enable a more restrict-
ive policy that only allows certain domains to access your image files by changing
the following line in the .htaccess file from:
Header set Access-Control-Allow-Origin "*"
env=IS_CORS
To the following line:
Header set Access-Control-Allow-Origin
"http://example.com" env=IS_CORS
Where you replace http://example.com with the domain name that is only al-
lowed access to that image. The server will then prevent any other domain from ac-
cessing images on your domain.
If you want your images to be accessed by multiple domains, you will have to write a
convoluted regex comparison for the origin, as shown in the following code snippet:
SetEnvIf Origin ยป
"^http(s)?://(.+\.)?(example-1\.com|example-2\.com)$"
origin_is=$0
Header always set Access-Control-Allow-Origin
%{origin_is}eenv=origin_is
In this case, replace example-1\.com with your domain (take care to place the for-
ward slash before the .com ), and likewise for example-2\.com .
Webfont access
Most of the time, you will be hosting fonts on the same domain where you will be
using them. If you do host fonts in a separate domain, Firefox will not request them
without the right HTTP header. This directive is already enabled by default in .htac-
cess file. In case you want to restrict access, you need to change these lines from:
Search WWH ::




Custom Search