Is there a way to enable CORS for only files of a certain type on IIS7? I am going off this article (https://www.maxcdn.com/one/tutorial/how-to-use-cdn-with-webfonts/) and noticed that the Apache and nginx examples show that CORS is only enabled if the request is looking for a certain Content-Type, whereas the IIS example shows CORS enabled for everything.
I have CSS that is being referenced on an external site but the font files are being blocked by the browser and wish to enable CORS on IIS7 but only for .woff, .woff2, .tff, .eot, and .svg files. I do not wish to enable CORS for everything if possible.
You can install the IIS rewrite Module https://www.microsoft.com/en-us/download/details.aspx?id=7435 . After installing the module, restart your IIS Manager and click on your website under the “Sites” node. If you see the URL Rewrite Module symbol (shown below) in the window on the right under IIS section, then you are ready to go:
Then on your Web.config, you need to add the following rule:
<rewrite>
<rules>
<rule name="Add Cross Origin Access">
<match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" />
<conditions>
<add input="{REQUEST_URI}" pattern="^[^\?]+\.(ttf|otf|eot|woff|woff2|svg)(\?.*)?$" />
</conditions>
<action type="Rewrite" value="*"/>
</rule>
</rules>
</rewrite>