CORS error with custom fonts

We’re using custom html to override universal login pages.

When we do that, we use custom fonts. But we get CORS errors when loading fonts. How can we solve that issue?

DISCLAIMER: This answer was auto-generated by an OpenAI bot.

To solve the CORS error when loading custom fonts in your Universal Login page, you will need to configure the CORS settings on the server that is hosting the font files.

The CORS policy is enforced by web browsers to prevent web pages from making unauthorized requests to servers outside of their own domain. By default, web browsers will only allow requests to be made to the same domain as the web page that is making the request. If a web page tries to make a request to a different domain, the browser will block the request.

To allow your Universal Login page to load custom fonts from a different domain, you will need to add the appropriate CORS headers to the server that is hosting the font files. This can usually be done by modifying the server’s configuration file or by adding a .htaccess file to the font directory.

The headers that you need to add will depend on the server that you are using, but the following headers will work in most cases:

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Content-Type

These headers will allow any website to make GET requests to the font files, including your Universal Login page. If you want to restrict access to the fonts to only certain domains, you can

But it seems this config should be implemented in the Auth0 side (due to Auth0 is the host)

Your CDN must allow cross domain traffic, can you please check that?