has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space local - Apache - PhpOut

Apachenewbie
October 12, 2021
129 views
0 votes
2 Answers

I have a webpage with http loaded content,
and this font page with https:

https://fonts.googleapis.com/css?family=Oswald:300,700,regular&subset=latin-ext

which I have embeded in the first page.

When I am loading the page, it’s displaying the error below:

has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space local.

Is there anything I can do about it on Apache ?

Tags: apache

Answers

- xiaosa
- October 13, 2021 at 10:59 am
- 0 votes
0
add header Access-Control-Allow-Private-Network

https://developer.chrome.com/blog/private-network-access-update/

Login or Signup to reply.

- WesleyCheek
- August 8, 2022 at 2:32 am
- 0 votes
0
With CORS-rfc1918, chrome will be mandating public websites accessing private content use HTTPS.

FIX: You can either serve the content behind HTTPS, or else in your browser flags (eg chrome://flags) disable Block insecure private network requests

block-insecure-private-network-requests:
With this flag turned on, any requests to a private network resource from an HTTP website will be blocked.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.