search

tarampampam / error-pages

🚧 Pretty server's error pages in the docker image & git repository (for traefik, k8s, nginx and so on)
https://tarampampam.github.io/error-pages/
MIT License
802 stars 78 forks source link

cross origin request to fonts.bunny.net fails #245

Closed Dark3clipse closed 8 months ago

Dark3clipse commented 8 months ago

Is there an existing issue for this?

Describe the bug

I deployed error pages by building it in my docker image of openresty. I manage to get the error page ghost working. The only thing that fails for me is the loading of the font.

I get these error messages in console: image

Do you know if there is anything I can do to make the font load properly?

Steps to reproduce

No response

Configuration files

No response

Relevant log output

No response

Anything else?

No response

tarampampam commented 8 months ago

Hello, and thanks for reporting the issue! Could you please provide the full set of HTTP headers from your server? It seems that a CORS header has been set, denying the loading of any external resources.

Dark3clipse commented 8 months ago

Hi! Thanks for your response, here are more details:

nginx config

errorpages.conf

error_page 401 /_error-pages/401.html;
    error_page 403 /_error-pages/403.html;
    error_page 404 /_error-pages/404.html;
    error_page 405 /_error-pages/405.html;
    error_page 407 /_error-pages/407.html;
    error_page 408 /_error-pages/408.html;
    error_page 409 /_error-pages/409.html;
    error_page 410 /_error-pages/410.html;
    error_page 411 /_error-pages/411.html;
    error_page 412 /_error-pages/412.html;
    error_page 413 /_error-pages/413.html;
    error_page 416 /_error-pages/416.html;
    #error_page 418 /_error-pages/418.html; # skipped
    error_page 429 /_error-pages/429.html;
    error_page 500 /_error-pages/500.html;
    error_page 502 /_error-pages/502.html;
    error_page 503 /_error-pages/503.html;
    error_page 504 /_error-pages/504.html;
    error_page 505 /_error-pages/505.html;
    location ^~ /_error-pages/ {
        internal;
        root /usr/share/nginx/errorpages;
    }
    location /_error-pages/r/403 {
        return 403;
    }

my-example-org.conf

server {
        listen 80;
        listen [::]:80;
        server_name  my.example.org;

        access_log          /var/log/nginx/my.example.org.access.log;
        error_log           /var/log/nginx/my.exampleorg.error.log;

        include /etc/nginx/includes/client-max-body-size-inf.conf;
        include /etc/nginx/includes/chunked-transfer-encoding.conf;
        include /etc/nginx/includes/keepalive.conf;
        include /etc/nginx/includes/proxy.conf;
        include /etc/nginx/includes/errorpages.conf;
        include /etc/nginx/includes/whitelist.conf;

        # csp
        add_header "content-security-policy" "frame-ancestors 'self'; default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self'; script-src-elem 'self' 'unsafe-inline'; require-trusted-types-for 'script';img-src 'self' data:; media-src 'self' data:; report-uri https://csp.example.org/report/csp/example; report-to csp-endpoint";
        add_header 'Report-To' '{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://csp.example.org/report/csp/example" }]}';

        location / {

            access_by_lua_block {
                ngx.redirect("/_error-pages/r/403")
            }

            set $upstream my-upstream:80;
            fastcgi_pass    $upstream;

            sendfile off;
            proxy_pass      http://$upstream;
            proxy_redirect  http:// https://;
            proxy_read_timeout  90;
        }
    }

I don't set any cors headers in the includes or anywhere else.

main document request

image

font request

Apparently it starts working now. The problem seems resolved :) I didn't change anything. Anyways. I think we can close the ticket. Still posting this for reference.