On Tue, 13 Aug 2019 14:32:00 +0200, Ján Máté <jan.mate(a)inf-it.com> wrote:
it cannot be CORS because fonts are included in the
client itself (not
loaded remotely). I also tested the latest Chrome beta (on Mac) and
everything looks OK. Maybe you have a plugin installed or something
similar ...
This is what Firefox says:
In response to CVE-2019-11730, Firefox 68 and later define the origin of a
page opened using a file:/// URI as unique. Therefore, other resources in
the same directory or its subdirectories no longer satisfy the CORS
same-origin rule.
Fortunately:
This new behavior is enabled by default using the
privacy.file_unique_origin preference.
By disabling this behaviour the fonts load again.
-- Johan