Implementing Access Control Domain Restrictions for Web Fonts

As stated in the IDAutomation License Agreement, the use of IDAutomation Web Fonts on a publicly accessible website must be limited to the intended domain(s) by enabling domain restrictions within the publicly accessible fonts or web server. IDAutomation does not directly provide support for the implementation of domain limitations; they are supported by the organizations that provide the associated web servers or by the organizations that make the font specifications. However, the implementation examples below may be used to test if effective in your environment.

Webserver Limitation Methods:

Webserver Implementation Example
Apache Add the following to the htaccess file in the folder where the font files reside on the webserver and change "idautomation.com" to the appropriate domain:
<FilesMatch "\.(ttf|otf|eot|woff)$">
  <IfModule mod_headers.c>
  Header set Access-Control-Allow-Origin "https://www.idautomation.com/"
  </IfModule>
</FilesMatch>

Within the @font-face declaration, provide the full absolute URL of the fonts. For example:

@font-face {
  font-family: IDAutomationHC39M;
  src: url(https://www.idautomation.com/barcode-fonts/woff-web-fonts/IDAutomationHC39M.woff);
	}

Additionally, multiple domains may be specified:

Access-Control-Allow-Origin "https://www.idautomation.com,https://www.bcgen.com"
IIS Add the following to the web.config file in the folder where the font files reside on the webserver and change "idautomation.com" to the appropriate domain:
 
IIS6:
  1. Open Internet Information Service (IIS) Manager
  2. Right click the site and choose Properties
  3. Change to the HTTP Headers tab
  4. In the Custom HTTP headers section, click Add
  5. Enter Access-Control-Allow-Origin as the header name
  6. Enter idautomation.com as the header value
  7. Click Ok twice

IIS7:
Add the following to the web.config file in the folder where the font files reside on the webserver and change "idautomation.com" to the appropriate domain:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
   <httpProtocol>
     <customHeaders>
       <add name="Access-Control-Allow-Origin" value="www.idautomation.com" />
     </customHeaders>
   </httpProtocol>
 </system.webServer>
</configuration>

 

Code Limitation Methods:

Code Type Implementation Example
PHP 
<?php
header("Access-Control-Allow-Origin: www.idautomation.com";
...
?>
ASP.NET 
Response.AppendHeader("Access-Control-Allow-Origin", "www.idautomation.com");

Font Limitation Methods:

Font Type Implementation Example
EOT Use the Microsoft Web Embedding Fonts Tool (WEFT) to set access restrictions to the domains.

Related Information