跨源资源共享(Access-Control-Allow-Origin标头)Rackspace Cloudfiles CDN
[英]Cross-Origin Resource Sharing (Access-Control-Allow-Origin header) Rackspace Cloudfiles CDN
问题描述
I am getting the following error on our live site in Chrome due to embedded font files in CSS all on our rackspace CDN: 
由于CSS中的嵌入式字体文件全部位于我们的rackspace CDN上,因此我在Chrome中的实际网站上收到以下错误:
Font from origin ' https://aaa-aaa.ssl.cf3.rackcdn.com ' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
How do I add the Access-Control-Allow-Origin header on to the response when GETting these files from the CDN? 从CDN获取这些文件时,如何在响应中添加Access-Control-Allow-Origin标头?
1 个解决方案
解决方案1
3 已采纳 2014-11-12 16:14:18
Finally worked this out from the docs and some help from the Rackspace crew. 最后,从文档和Rackspace工作人员的帮助中解决了这个问题。
Importantly, for CDN enabled containers containing only CDN files, there is no point adjusting the container's meta-headers. 重要的是,对于仅包含CDN文件的启用CDN的容器,没有必要调整容器的元标题。 These are only inherited by files not on the CDN. 这些仅由不在CDN上的文件继承。
I had to adjust the response headers on the font files themselves. 我不得不调整字体文件本身的响应头。 Unfortunately this is only currently supported through the API and I used curl from the command line in Windows 7. 不幸的是,目前只支持API,我在Windows 7中使用了命令行中的curl。
Authenticating 认证
First step is to authenticate: 第一步是验证:
curl -d "{\"auth\":{\"RAX-KSKEY:apiKeyCredentials\":{\"username\":\"my_username\",\"apiKey\":\"my_api_key\"}}}" -H "Content-Type: application/json" "https://identity.api.rackspacecloud.com/v2.0/tokens"
Then extract the id of the token from the response and the publicURL of the endpoint related to cloudFiles . 然后从响应中提取token的id以及与publicURL相关的endpoint cloudFiles 。 I copied the response to Notepad++ and searched for token and cloudfiles respectively. 我将响应复制到Notepad ++并分别搜索token和cloudfiles 。
Adjusting file response headers 调整文件响应标头
I tried adjusting the headers with the following command: 我尝试使用以下命令调整标头:
curl -i -XPOST -H "x-auth-token: my-auth-token" -H "Access-Control-Expose-Headers: Access-Control-Allow-Origin" -H "Access-Control-Allow-Origin: *" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Did it work? 它有用吗?
I got a HTTP/1.1 2xx response and checked it worked with: 我得到了一个HTTP/1.1 2xx响应,并检查它是否适用于:
curl -i -XGET -H "X-Auth-Token: my-auth-token" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Unfortunately you have to wait for the file's TTL to expire, or purge it to see a live result. 不幸的是,您必须等待文件的TTL过期,或清除它以查看实时结果。 When I did this it was taking over a day to do an edge purge. 当我这样做时,花了一天时间进行边缘净化。 I checked the live version with: 我检查了实时版本:
curl -i -XGET https://live-version-container-hash.ssl.cf3.rackcdn.com/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Setting file response headers on upload 上传时设置文件响应标头
I settled on adding a version to my file and adding the headers during the upload: 我决定在我的文件中添加一个版本并在上传过程中添加标题:
curl -i -XPUT -H "x-auth-token: my-auth-token" -H "Access-Control-Expose-Headers: Access-Control-Allow-Origin" -H "Access-Control-Allow-Origin: *" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons1.0.0.ttf -T my-site-icons.tff
Performed from my local directory where the file my-site-icons.tff was located 从my my-site-icons.tff文件所在的本地目录执行
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.