Instructions for people who just want to host web fonts and are completely baffled by CORS

[pdc]

Most of the documentation around CORS and Access-Control-Stop-Working-Unless-Header-Not-Not-Missing headers assumes that the audience is a JavaScript programmer who wants to escape from having to host code on the same server as the code that exploits it, but there is another constituency, which is people who want to use web fonts hosted on a CDN.

Up until web fonts were brought under the Single-Origin-Policy umbrella, you deployed fonts the same way you deploy images: stick the files on a CDN. This has recently stopped working and it might be difficult to guess that it is because fonts are treated like JavaScript now. You could add a mention of this and prominently a note about fonts the front page so that someone googling for a solution might find your site.