The Access-Control-Allow-Origin header has only relevance, when a resource is loaded from an external host, so one that does not match the host of the primary loaded website. As the fonts are reasonably loaded via local URLs without hostname or scheme from the blocking page style sheet, they are never seen as external resources, regardless whether the blocking page is shown to the browser from a blocked domain or from the Pi-hole domain/IP.
For reference: https://github.com/pi-hole/pi-hole/issues/3462
Signed-off-by: MichaIng <micha@dietpi.com>
* Compress more types
* Add charset=utf-8 in more text types
* Use proper media types
* Add default expire header
* Use consistent indentation
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
"$network" on a systemd-driven OS leads to "After=network-online.target" in the generated systemd unit.
This target is no guarantee that all network interfaces have been fully configured, as it depends on the related network services types, but at least it reduces the risk that those have not fully finished their job when pihole-FTL starts. If this is the case, certain issues can occur:
- https://github.com/pi-hole/pi-hole/issues/2924
- https://discourse.pi-hole.net/t/have-to-pihole-restartdns-after-reboot/28772
Runtime files are now consistently created in "/run" instead of "/var/run". The second is a symlink to the first for backwards compatibility but on none-ancient distro versions one should use "/run", systemd even prints a warnings if service files use "/var/run". The service file used "/run" and "/var/run" both, in cases for the same files/directories before, which does not directly cause issues currently, due to the symlink, but is inconsistent at best.
Signed-off-by: MichaIng <micha@dietpi.com>
lighttpd 1.4.50 config parse will error if include_shell exits non-zero
and pi-hole sample config: include_shell "cat external.conf 2>/dev/null"
is an error if external.conf does not exist
Replace with: include "external*.conf"
file glob supported since lighttpd 1.4.40 and is not an error if there
is no file which matches the file glob
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* Disable `include-conf-enabled.pl`, as blindly enabling HTTPS (as Let's Encrypt does by having a file in that folder) creates Block Page inefficiencies
* Make Block page handle JS request rewrite, allowing users to better utilise their `lighttpd` service
* Make Block page handle debugging Pi-hole header
* Make Block page redirect users from `pi.hole` to `http://pi.hole/admin`
Added text block from dns config file to warn user that manual changes to lighttpd config will be overwritten.
Slight cosmetic adjustments (tabs -> spaces).