It could happen that while setting up HTTPS on a Joomla website that is using an external CDN, certain assets can't be loaded because of a browser error related to cross-domain resources that are blocked by the browser policy.
This is visible in the browser console (F12) as an error reported in the format:
'Error: Font from origin https://www.yourdomain.com has been blocked from loading by Cross-Origin Resource Sharing Policy: No Access-Control-Allow-Origin header is present on the requested resource. Origin https://www.yourdomain.com is therefor not allowed to access'
Let’s consider this scenario:
- Now your web browser makes call to Domain2.
In simple statement: If request is not coming from same domain or origin, just simply ignore it. This is very important features which prevents hacking and resource stealing without owners’s knowledge.
The first thing to do is to check if you have setup an origin URL in your CDN control panel and if it's the correct one for your website domain or not. If this is the case, you can fix the problem just specifying the correct domain for CORS.
As an alternative, for example if you don't have access to the CDN control panel, you can easily solve this problem thanks to the website htaccess by adding the following directive:
Header set Access-Control-Allow-Origin "*"
The Access-Control-Allow-Origin "*" allows you to access all resources and webfonts from all domains.