HTTP2 pushed webfonts not used

Question

I'm sending a Link preload header in the HTTP2 response. Like this one:

Link: </assets/script/main.js?h=1795387974>; rel=preload; as=script, </assets/font/sourcesanspro_regular.woff2>; rel=preload; as=font

scripts, styles and images don't cause any problem - they are pushed and used. But fonts are pushed and then requested/fetched again and the Chromium console complains:

The resource https://example.com/assets/font/sourcesanspro_regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it wasn't preloaded for nothing.

Here are the response headers of the mentioned font.

Pushed:

accept-ranges:bytes
cache-control:max-age=5184000, public
content-length:16892
content-type:application/octet-stream
date:Mon, 25 Sep 2017 09:22:05 GMT
last-modified:Mon, 18 Sep 2017 14:33:31 GMT
pragma:public
status:200
x-content-type-options:nosniff
x-frame-options:SAMEORIGIN
x-http2-push:pushed
x-xss-protection:1; mode=block

Requested after push:

accept-ranges:bytes
cache-control:max-age=5184000, public
content-length:16892
content-type:application/octet-stream
date:Mon, 25 Sep 2017 09:22:05 GMT
last-modified:Mon, 18 Sep 2017 14:33:31 GMT
pragma:public
status:200
x-content-type-options:nosniff
x-frame-options:SAMEORIGIN
x-xss-protection:1; mode=block

What am I doing wrong?

Answer 1

You have to add crossorigin for fonts:

Link: </assets/font/sourcesanspro_regular.woff2>; rel=preload; as=font; crossorigin

For more information see here: https://github.com/w3c/preload/issues/32 and here: https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/.

One point worth going over: You have to add a crossorigin attribute when fetching fonts, as they are fetched using anonymous mode CORS. Yes, even if your fonts are on the same origin as the page. Sorry.