Unable to combine RewriteRule and Header set

Question

Trying to implement the following:

RewriteRule \.ttf$ - [E=cors:1]
Header set Access-Control-Allow-Origin "*.example.com" env=cors:1
Header set Access-Control-Allow-Origin "*.sadface.com" env=!cors:1

Then requesting:

$ curl -I http://www.example.com/font.ttf
...
Access-Control-Allow-Origin: *.sadface.com

UPDATE

Thanks to Jenny D I've figured out that the rewrite rules elsewhere were doing a local redirect to index.php so I've modified to the following:

# Set CORS domain for fonts.
RewriteCond %{QUERY_STRING} \.ttf
RewriteRule ^(.*)$ $1 [E=cors:1]
Header set Access-Control-Allow-Origin "*.example.com" env=cors:1
Header set Access-Control-Allow-Origin "*.sadface.com" env=!cors:1

This provides the following log entry:

RewriteCond: input='q=font.ttf' pattern='\\.ttf' => matched

Despite this however I'm still getting Access-Control-Allow-Origin: *.sadface.com

UPDATE 2:

Looks like env=cors:1 isn't doing what I expect, changing to the following fixed the issue:

Header set Access-Control-Allow-Origin "*.example.com" env=cors

DanH · Answer 1 · 2015-04-20T12:26:28.833

2

Due to being a Drupal site, all non-file/directory requests were redirecting to index.php?q=$1. I instead needed to evaluate the query string, as per the following:

# Set CORS domain for fonts.
RewriteCond %{QUERY_STRING} \.ttf
RewriteRule ^(.*)$ $1 [E=cors:1]
Header set Access-Control-Allow-Origin "*.example.com" env=cors

edited Apr 20 '15 at 12:26

answered Apr 20 '15 at 12:16

DanH

887

Unable to combine RewriteRule and Header set

1 Answers1