I need to add Access-Control-Allow-Origin to my headers so that I can use both fonts from Google Fonts and AWS S3/Cloudfront and not get this error …
Font from origin ‘https://media.domain.com’ has been blocked from loading by Cross-Origin Resource Sharing policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://domain.com’ is therefore not allowed access.
But how? Where?
I am running the site on Ubuntu 16.04 x64 with Redis and Let’s Encrypt