Die Funktionalität dieser Website ist durch Wartungsarbeiten eingeschränkt, die Ihr Erlebnis verbessern sollen. Wenn ein Artikel Ihr Problem nicht löst und Sie eine Frage stellen möchten, können Sie unsere Gemeinschaft über @FirefoxSupport auf Twitter, /r/firefox oder Reddit fragen.

Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Weitere Informationen

web icons such as font awesome not showing up only in firefox. How can I resolve this?

  • 4 Antworten
  • 1 hat dieses Problem
  • 298 Aufrufe
  • Letzte Antwort von cor-el

more options

I work with HTML website themes daily. I use the firefox browser for all of my design work and I have recently noticed that firefox does not show web icons such as font awesome or any other web icons. The web icons are properly coded into the theme and they show up fine in all other browsers (chrome, edge, explorer, safari).

I did some research on it and I did find this: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS but I don't know if that has anything at all to do with it or not.

If the problem is due to Cross-Origin Resource Sharing (CORS) then how would I fix that issue as the fonts are being served directly from the theme files?

Thank you

I work with HTML website themes daily. I use the firefox browser for all of my design work and I have recently noticed that firefox does not show web icons such as font awesome or any other web icons. The web icons are properly coded into the theme and they show up fine in all other browsers (chrome, edge, explorer, safari). I did some research on it and I did find this: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS but I don't know if that has anything at all to do with it or not. If the problem is due to Cross-Origin Resource Sharing (CORS) then how would I fix that issue as the fonts are being served directly from the theme files? Thank you
Angefügte Screenshots

Ausgewählte Lösung

Hi paul20, is the problem when you open the page locally from disk, using a file:// URL?

Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

I filed a bug yesterday proposing that fonts be allowed, but it will take time to implement. For now, you can roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

Diese Antwort im Kontext lesen 👍 0

Alle Antworten (4)

more options

Ausgewählte Lösung

Hi paul20, is the problem when you open the page locally from disk, using a file:// URL?

Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

I filed a bug yesterday proposing that fonts be allowed, but it will take time to implement. For now, you can roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

more options

WOW! thanks for the fast reply. I really appreciate info.

How long do you think it will take for them to review the icon issue working for locally view files? I may just wait for the update.

Thanks again. Paul

more options

paul20 said

How long do you think it will take for them to review the icon issue working for locally view files? I may just wait for the update.

At least a couple of weeks, possibly a couple of months. It depends on how tricky it is, whether they will take a patch early in the usual alpha-beta-release cycle.

more options

See also:

  • Bug 1566172 - Compare file:// behavior of all places that use same-origin-only or cors-only loads to other browsers

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)