Created
March 7, 2015 06:36
-
-
Save renesansz/3a1f9813c8d9b7008654 to your computer and use it in GitHub Desktop.
.htaccess w/ Cross-Origin [From HTML5 Boilerplate]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ###################################################################### | |
# # CROSS-ORIGIN # | |
# ###################################################################### | |
# ---------------------------------------------------------------------- | |
# | Cross-origin requests | | |
# ---------------------------------------------------------------------- | |
# Allow cross-origin requests. | |
# | |
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS | |
# http://enable-cors.org/ | |
# http://www.w3.org/TR/cors/ | |
# <IfModule mod_headers.c> | |
# Header set Access-Control-Allow-Origin "*" | |
# </IfModule> | |
# ---------------------------------------------------------------------- | |
# | Cross-origin images | | |
# ---------------------------------------------------------------------- | |
# Send the CORS header for images when browsers request it. | |
# | |
# https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_enabled_image | |
# https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html | |
<IfModule mod_setenvif.c> | |
<IfModule mod_headers.c> | |
<FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$"> | |
SetEnvIf Origin ":" IS_CORS | |
Header set Access-Control-Allow-Origin "*" env=IS_CORS | |
</FilesMatch> | |
</IfModule> | |
</IfModule> | |
# ---------------------------------------------------------------------- | |
# | Cross-origin web fonts | | |
# ---------------------------------------------------------------------- | |
# Allow cross-origin access to web fonts. | |
<IfModule mod_headers.c> | |
<FilesMatch "\.(eot|otf|tt[cf]|woff2?)$"> | |
Header set Access-Control-Allow-Origin "*" | |
</FilesMatch> | |
</IfModule> | |
# ---------------------------------------------------------------------- | |
# | Cross-origin resource timing | | |
# ---------------------------------------------------------------------- | |
# Allow cross-origin access to the timing information for all resources. | |
# | |
# If a resource isn't served with a `Timing-Allow-Origin` header that | |
# would allow its timing information to be shared with the document, | |
# some of the attributes of the `PerformanceResourceTiming` object will | |
# be set to zero. | |
# | |
# http://www.w3.org/TR/resource-timing/ | |
# http://www.stevesouders.com/blog/2014/08/21/resource-timing-practical-tips/ | |
# <IfModule mod_headers.c> | |
# Header set Timing-Allow-Origin: "*" | |
# </IfModule> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment