

Firefox cross domain font issue - bob_p
http://logicalfriday.com/2012/07/04/cross-domain-font-woes-part-2/

======
schrijver
It would also be nice if Firefox would solve this. If we can load an image
from another domain we should be able to load a font from another domain by
default.

Though I do see how a font has more potential for malware than an image, the
other browser makers apparently don’t see any qualms with cross-domain font
loading. Anyone know Firefox’s rationale for doing this differently from the
other vendors?

~~~
gcp
It's required by the standard. Firefox complies with the standard, the other
browsers don't, so there is nothing for Firefox to "fix".

<http://dev.w3.org/csswg/css3-fonts/#same-origin-restriction>

Some related discussion: <https://bugzilla.mozilla.org/show_bug.cgi?id=604421>

~~~
wiradikusuma
At least they should allow it for root domain to access subdomain's. I put all
static files in a subdomain to make them free of cookies, but such restriction
makes things difficult.

------
floatingatoll
Alternate title: "rack-access-control-headers: Solving the Firefox cross
domain font issue".

------
sidmitra
You're stuck if you're on Amazon S3, since Access-Control-Allow-Origin isn't
supported.

<https://forums.aws.amazon.com/thread.jspa?threadID=34281>

~~~
tweiss
I'm following that thread hoping that some day they will listen to their
customers. I'm pretty close to switching to another CDN because of that. Do
you happen to have any recommendations?

~~~
sidmitra
For now i'm just waiting on them to fix it, and serving fonts via nginx from
our web-front end.

------
tweiss
I have the same problem and haven't found a solution that works and is easy to
set up and manage. This looks promising, too bad I'm using Django and not RoR.

The combination heroku + S3 is awesome, but throw in fonts and firefox and it
turns into an ugly mess.

