Resource Sharing (Access-Control-Allow-Origin Header) Rackspace Cloudfiles CDN
I am getting the following error on our live site in Chrome due to the embedded font files in CSS on our CD CD:
The font from the source ' https://aaa-aaa.ssl.cf3.rackcdn.com ' was blocked from loading by the Cross-Origin Resource Sharing Policy: None 'Access-Control-Allow The -Origin header is present on the requested resource. Origin ' https://www.mysite.co.uk ' is therefore not allowed.
How do I add the Access-Control-Allow-Origin header to the response when getting these files from the CDN?
source to share
Finally worked it out from the docs and some help from the Rackspace team.
It is important to note that for CDN-enabled containers containing only CDN files, there is no need to configure the container meta-headers. They are only inherited by files outside the CDN.
I had to customize the response headers on the font files themselves. Unfortunately this is only supported by API via API and I used command line curl on Windows 7.
certify
The first step is to authenticate:
curl -d "{\"auth\":{\"RAX-KSKEY:apiKeyCredentials\":{\"username\":\"my_username\",\"apiKey\":\"my_api_key\"}}}" -H "Content-Type: application/json" "https://identity.api.rackspacecloud.com/v2.0/tokens"
Then extract id
from token
the answer and publicURL
endpoint
related cloudFiles
. I copied Notepad ++ 's answer and searched token
and cloudFiles
accordingly.
Customizing File Response Headers
I tried to customize headers with the following command:
curl -i -XPOST -H "x-auth-token: my-auth-token" -H "Access-Control-Expose-Headers: Access-Control-Allow-Origin" -H "Access-Control-Allow-Origin: *" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Did it work?
I got the answer HTTP/1.1 2xx
and checked it working with:
curl -i -XGET -H "X-Auth-Token: my-auth-token" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Unfortunately, you have to wait for the TTL file to expire or clear it to see the result in real time. When I did this, he was taking a day to do the edge brushing. I checked the live version with:
curl -i -XGET https://live-version-container-hash.ssl.cf3.rackcdn.com/pseudo-dir1/psuedo-dir2/my-site-icons.ttf
Configuring File Response Headers on Upload
I decided to add the version to my file and add the headers at boot time:
curl -i -XPUT -H "x-auth-token: my-auth-token" -H "Access-Control-Expose-Headers: Access-Control-Allow-Origin" -H "Access-Control-Allow-Origin: *" https://storage101.lon3.clouddrive.com/v1/MossoCloudFS_my-end-point/container/pseudo-dir1/psuedo-dir2/my-site-icons1.0.0.ttf -T my-site-icons.tff
Executed from my local directory where the file was located my-site-icons.tff
source to share