Enable CORS for Sketchfab Integration

Slyce · July 25, 2017, 6:35am

Hi there, I am trying to enable CORS for sketchfab-integration in our homepage (we need CORS-enabled images to change texture files). I am following this tutorial and it works fine with the texture that he is hosting, but if we try to link our own it fails to load.
I have already tried and combined several solutions:

.htaccess: Header set Access-Control-Allow-Origin “*” as explained on enable-cors.org
setting headers in the kirby config.php as explained in the docs
manually setting it with PHP at the very top

…but nothing seems to work- this is the error message that we get:

Did I miss something in the settings? I hope you can help me out!

Thanks in advance!

jimbobrjames · July 25, 2017, 10:03am

Your serving the texture over HTTP but the origin is HTTPs. Have you tried serving the wood_albedo.jpg image over HTTPS? It is usually best not to mix protocols.

jimbobrjames · July 25, 2017, 10:07am

I’ve added the SketchFab embedded widget to pages before, without any issue. Is what your trying to do any different?

Slyce · July 25, 2017, 11:40am

Just using the embed widget works fine, what we would like to achieve is changing the texture of the object, as seen here:
Sketchfab - changing textures
At the moment it is only working because I am not switchting between textures, but rather turning objects visible/invisible, which means a lot of additional geometry has to be uploaded to make that work. It would be much more efficient to only change the texture itself.

I also thought about serving it over HTTPs, but for example the texture from the tutorial is also working and not served over HTTPs. Here you can see the two cases, the texture from the tutorial URL is working without error:

jimbobrjames · July 25, 2017, 2:18pm

Intresting, I havent done a huge amount with CORS but usual port of call for server tricks the .htaccess provided with the HTM5 Boilerplate. It’s full of awesome stuff. Try reading the comments and the articles supplied with them, the answer may lie there.

github.com

h5bp/html5-boilerplate/blob/master/dist/.htaccess

# Apache Server Configs v2.15.0 | MIT License
# https://github.com/h5bp/server-configs-apache

# (!) Using `.htaccess` files slows down Apache, therefore, if you have
# access to the main server configuration file (which is usually called
# `httpd.conf`), you should add this logic there.
#
# https://httpd.apache.org/docs/current/howto/htaccess.html

# ######################################################################
# # CROSS-ORIGIN                                                       #
# ######################################################################

# ----------------------------------------------------------------------
# | Cross-origin requests                                              |
# ----------------------------------------------------------------------

# Allow cross-origin requests.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

This file has been truncated. show original

Slyce · August 7, 2017, 7:56am

Sorry for my late reply - I just came back from holidays. Also thanks for your suggestion, but unfortunately I still haven’t managed to get it to work… I tried various boilerplate settings in combination with the other things that I mentioned before - still no success.

Have you ever tried to enable CORS for images on a Kirby-based site? I still think that there might be a Kirby setting that I’m missing.

Topic		Replies	Views
Setting CORS headers Questions 🤔	3	111	February 6, 2024
Easy way to enable CORS Solved ✅	1	1621	January 12, 2016
HTTPS/HTTP issues when loading styles and scripts Kirby 3	4	175	August 24, 2023
CORS in Kirby as external API	6	3167	May 28, 2020
Kirby ajax call from subdomain -> cross domain error	7	1101	February 17, 2022

Enable CORS for Sketchfab Integration

Related Topics