245827 – FontFace load cancelled because Cross-Origin-Resource-Policy

NEW Bug 245827

FontFace load cancelled because Cross-Origin-Resource-Policy

https://bugs.webkit.org/show_bug.cgi?id=245827

Summary FontFace load cancelled because Cross-Origin-Resource-Policy

709922234

Reported 2022-09-29 05:05:00 PDT

Added response headers in order to use `SharedArrayBuffer`: Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin FontFace load cancelled: Failed to load resource: Cancelled load to https://fonts.cdnfonts.com/s/7553/COMMP___.woff because it violates the resource's Cross-Origin-Resource-Policy response header. FontFace should not apply CORP

Attachments
Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2022-09-29 09:05:16 PDT

FWIW, this font resource has `access-control-allow-origin: *`, and no cross-origin policy header fields.

Anne van Kesteren

Comment 2 2022-09-29 09:14:34 PDT

It's fallout from bug 86817 as we don't use CORS to fetch fonts.

Radar WebKit Bug Importer

Comment 3 2022-10-06 05:05:18 PDT

<rdar://problem/100848615>

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component CSS

Assignee

Nobody

Reported

2022-09-29 05:05 PDT

Modified

2022-10-06 05:05 PDT History

CC List

5 users Show

URL

Keywords InRadar

Depends on

86817

Blocks

Dependancies

tree graph