# Font file headers to prevent sanitizer issues
<FilesMatch "\.(woff2|woff|ttf|eot)$">
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type"
    Header set Cache-Control "public, max-age=31536000"
    
    # Proper MIME types
    <IfModule mod_mime.c>
        AddType font/woff2 .woff2
        AddType font/woff .woff
        AddType font/ttf .ttf
        AddType application/vnd.ms-fontobject .eot
    </IfModule>
</FilesMatch>

# Prevent direct access to font conversion scripts
<FilesMatch "\.(py|bat)$">
    Order allow,deny
    Deny from all
</FilesMatch>