V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member Sign In
• 请不要在回答技术问题时复制粘贴 AI 生成的内容
This topic created in 3851 days ago, the information mentioned may be changed or developed.
想着微软跟中国政府关系还行,不像 google 的 cdn 容易被墙,就用了它的 cdn
主要是 bootstrap 的库,没想到
Font from origin 'http://ajax.aspnetcdn.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8000' is therefore not allowed access.
主要是 bootstrap 的库,没想到
Font from origin 'http://ajax.aspnetcdn.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8000' is therefore not allowed access.
 |
1
adexbn Oct 23, 2015 via iPhone
大部分库都有这个问题,试试 cdnjs
|
 |
2
lbp0200 Oct 23, 2015 via Android
360 也有
|
 |
3
TrustyWolf Oct 23, 2015
这不是 CDN 端的问题,而是本地 Web 服务器没有开启 CORS
http://enable-cors.org/ |
 |
4
hxsf Oct 23, 2015
@TrustyWolf 不是 CDN 的服务器开启 CORS 么?
|
 |
5
RAKE Oct 23, 2015
@TrustyWolf 看着好像是 CDN 拒绝了本地 127.0.0.1 啊。而且一般本地都不会特意去设置 CORS 的吧。
|
 |
6
yytsjq Oct 23, 2015
貌似最近的 http://ajax.aspnetcdn.com 都会重新向到 https://ajax.aspnetcdn.com
|
 |
7
maplerecall Oct 23, 2015
这个跨域不是 cdn 的问题,图方便就用--disable-web-security 参数启动 chrome ,本地环境调试线上接口方便的不要不要的
|
 |
8
zakokun Oct 23, 2015
咱们公司刚刚被 ucloud 的 cdn 坑了一下午加晚上
|
 |
11
Perry Oct 23, 2015 via iPhone
看到 block 就以为是政府干的了?
这个和墙以及微软没多大关系吧 |
2 |
14
moro Oct 23, 2015
提供字体文件的 web 服务需要添加
Access-Control-Allow-Origin: * http 头来允许可以访问的域,这样字体文件才能跨越使用。 |
 |
16
wdlth Oct 24, 2015
微软竟然不设 CORS 来搞 CDN ……
|
|
17
wdlth Oct 24, 2015
不过 Azure 的存储服务是有这个设置的,是不是微软忘记改了。
|
 |
18
Lucups Oct 24, 2015
|
 |
19
guoyijun163 Oct 24, 2015
@Showfom 你的 https 里有 2 行 Access-Control-Allow-Origin: *还没解决呢……
curl -I http://cdn.css.net/fonts/css?family=Open+Sans |
|
20
guoyijun163 Oct 24, 2015
@Showfom 部分 CDN 节点,不是所有
root@iZ23rk476waZ:~# curl -I https://cdn.css.net/fonts/s/notosans/v6/PIbvSEyHEdL91QLOQRnZ1-gdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1 200 OK Date: Sat, 24 Oct 2015 04:20:22 GMT Content-Type: font/woff2 Content-Length: 15676 Connection: keep-alive Last-Modified: Thu, 28 Aug 2014 18:20:07 GMT Expires: Thu, 31 Dec 2037 23:55:55 GMT Access-Control-Allow-Origin: * Timing-Allow-Origin: * X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: max-age=315360000 Alternate-Protocol: 443:quic,p=1 Access-Control-Allow-Origin: * Age: 2414129 Via: http/1.1 EACNCTCZJZWZZ01C001 (ATS [cRs f ]) Domain-Id: f7d89368ba9fb1de62db1c |
|
21
guoyijun163 Oct 24, 2015
@Showfom 更具体的 log ,带 IP ,还有同节点其他 IP 也是这样
root@iZ23rk476waZ:~# curl -I https://cdn.css.net/fonts/s/notosans/v6/PIbvSEyHEdL91QLOQRnZ1-gdm0LZdjqr5-oayXSOefg.woff2 -v * Hostname was NOT found in DNS cache * Trying 61.164.125.164... * Connected to cdn.css.net (61.164.125.164) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES256-GCM-SHA384 * Server certificate: * subject: OU=Domain Control Validated; CN=*.css.net * start date: 2015-07-30 09:05:49 GMT * expire date: 2016-07-30 09:05:49 GMT * subjectAltName: cdn.css.net matched * issuer: C=BE; O=GlobalSign nv-sa; CN=AlphaSSL CA - SHA256 - G2 * SSL certificate verify ok. > HEAD /fonts/s/notosans/v6/PIbvSEyHEdL91QLOQRnZ1-gdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1 > User-Agent: curl/7.35.0 > Host: cdn.css.net > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Date: Sat, 24 Oct 2015 04:23:07 GMT Date: Sat, 24 Oct 2015 04:23:07 GMT < Content-Type: font/woff2 Content-Type: font/woff2 < Content-Length: 15676 Content-Length: 15676 < Connection: keep-alive Connection: keep-alive < Last-Modified: Thu, 28 Aug 2014 18:20:07 GMT Last-Modified: Thu, 28 Aug 2014 18:20:07 GMT < Expires: Thu, 31 Dec 2037 23:55:55 GMT Expires: Thu, 31 Dec 2037 23:55:55 GMT < Access-Control-Allow-Origin: * Access-Control-Allow-Origin: * < Timing-Allow-Origin: * Timing-Allow-Origin: * < X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block X-XSS-Protection: 1; mode=block < Cache-Control: max-age=315360000 Cache-Control: max-age=315360000 < Alternate-Protocol: 443:quic,p=1 Alternate-Protocol: 443:quic,p=1 < Access-Control-Allow-Origin: * Access-Control-Allow-Origin: * < Age: 2414294 Age: 2414294 < Via: http/1.1 EACNCTCZJZWZZ01C001 (ATS [cRs f ]) Via: http/1.1 EACNCTCZJZWZZ01C001 (ATS [cRs f ]) < Domain-Id: f7d89368ba9fb1de62db1c Domain-Id: f7d89368ba9fb1de62db1c < * Connection #0 to host cdn.css.net left intact |
 |
22
Showfom PRO @guoyijun163 CDN 的坑 233333 看来得自建了
|
|
23
guoyijun163 Oct 24, 2015
@Showfom -_-搞的我心情大好的把 wordpress 引用全改了,结果发现全部引用不生效……还好 font 影响不大
|
 |
24
bdbai Oct 24, 2015 via iPhone
这个老坑了,推荐 bootcss 的 cdn 。
|
|
25
Showfom PRO @guoyijun163 我这访问的节点没问题 日了狗了
|
|
26
guoyijun163 Oct 24, 2015
@Showfom 我是访问的节点里一些有问题一些没问题……所以搞的一会字体出来一会没字体……醉了
|
Select Language