Access to font at 'xx' from origin 'xx' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
请输入图片描述
就如同上面图片中显示的,它提示我们有跨站攻击的风险,因此不允许这样访问。
因为我的网站里面只提示了字体跨域,那么我只针对字体的放行就可以了,其它文件同理。

location ~ .*\.(eot|ttf|otf|woff|woff2|svg)$ {
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Headers X-Requested-With;
    add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
}