Broken icons on firefox

It seems we are having CORS problems with loading fonts on this site. On firefox 35, I get multiple errors on the console related to font loading.

It seems to be related to this issue:
https://meta.discourse.org/t/broken-icons-in-firefox/8778/4


1 Like

I recall seeing something like this some time ago and that turning off HTTPS everywhere helped. At the moment though I'm on Firefox 38 and everything looks fine.

Whitelisting "fastly" on HTTPS Everywhere solved it, thanks!

I'm getting this error too, with the following log in the console:

downloadable font: download failed (font-family: "FontAwesome" style:normal weight:normal stretch:normal src index:2): bad URI or cross-site access not allowed
source: https://sea1.discourse-cdn.com/business5/assets/fontawesome-webfont-837cb6609172c8e3f4240219b93dcdc7.ttf?http://users.rust-lang.org&1&v=4.0.4

("FontAwesome" is an icon-font, which Discourse uses for its icons)

And I'm viewing the HTTP (not HTTPS) version of the site.

This link may be relevant: Cross-Domain Fonts

For maximum performance, we all know we must put our assets on CDN
(another domain). Along with those assets are custom web fonts.
Unfortunately custom web fonts via CDN (or any cross-domain font
request) don't work in Firefox or Internet Explorer (correctly so, by
spec) though they do work (incorrectly so) in Webkit-based browsers.
They actually require custom CORS configurations to display properly.
Here's the code you'll need to make that happen.

There (currently?) is no HTTPS version of this site. But are you using HTPS Everywhere? Because it seems to cause the problem for me. Probably because it redirects the font requests to HTTPS fastly and CORS as configured here does not want to allow this - I guess.

Out of curiosity why isn't this forum https? I for one hate sending my passwords cleartext.