Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ----------------------------------------------------------------------
- # CORS-enabled images (@crossorigin)
- # ----------------------------------------------------------------------
- # Send CORS headers if browsers request them; enabled by default for images.
- # developer.mozilla.org/en/CORS_Enabled_Image
- # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
- # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
- # wiki.mozilla.org/Security/Reviews/crossoriginAttribute
- <IfModule mod_setenvif.c>
- <IfModule mod_headers.c>
- # mod_headers, y u no match by Content-Type?!
- <FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
- SetEnvIf Origin ":" IS_CORS
- Header set Access-Control-Allow-Origin "*" env=IS_CORS
- </FilesMatch>
- </IfModule>
- </IfModule>
- # ----------------------------------------------------------------------
- # Webfont access
- # ----------------------------------------------------------------------
- # Allow access from all domains for webfonts.
- # Alternatively you could only whitelist your
- # subdomains like "subdomain.example.com".
- <IfModule mod_headers.c>
- <FilesMatch "\.(ttf|ttf?8|ttc|otf|eot|eot?8|woff|woff?8|woff2|font.css|css|js)$">
- Header set Access-Control-Allow-Origin "*"
- </FilesMatch>
- </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
