There are fonts defined in CSS using @ font-face. All resources lie on a separate server, which is authenticated via cookie. Everything works great, except for fonts - for some reason, the browser, requesting them, does not put a cookie and instead of the font we get 403.

What can be wrong?

  • If you are given an exhaustive answer, mark it as correct (a daw opposite the selected answer). - Nicolas Chabanovsky

1 answer 1

Font file paths must be specified correctly.

( from here ) Maybe this: in the fonts folder you need to create a .htaccess file with the contents:

Order Deny,Allow Allow from all

( from here ) or this: you need to check the .htaccess file (if any) - it can block certain files. You can allow file extensions in it that correspond to font files. (e.g. eot, woff, ttf):

 # все запретить <FilesMatch ".*"> Order Allow,Deny Deny from all </FilesMatch> # разрешить некоторые типы файлов: <FilesMatch ".*\.(eot|ttf|woff)$"> Order Allow,Deny Allow from all </FilesMatch>
  • It's all great when you have access to the settings of the server that gives the content. In our case, this is Amazon CloudFront, and such things will not work out for sure. Yes, and exactly the presence of the .htaccess file can affect how the browser makes a request? After all, the client forms a request, and .htaccess on the server side is - andy
  • @ andrey.ps2007 Checked Amazon CloudFront settings? Maybe a link that tells you: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/… - CodeGust