CORS Error After Enabling Cloudflare

Hello I have been talking to support for a while now, but my CORS Error still persists.

I did not have any CORS error before I used Cloudflare so I’m assuming it’s because of the CDN.

I have added:

CORS FIX START

Header always set Access-Control-Allow-Origin “*”
Header always set Access-Control-Allow-Methods “POST, GET, OPTIONS, DELETE, PUT”
Header always set Access-Control-Max-Age “1000”
Header always set Access-Control-Allow-Headers “x-requested-with, Content-Type, origin, authorization, accept, client-security-token”

RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

CORS FIX END

But the error still persists.

Here is the error:
Access to font at ‘https://website/fonts/Morganite-ExtraBoldItalic.otf’ from origin ‘outside https website’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Morganite-ExtraBoldItalic.otf:1 Failed to load resource: net::ERR_FAILED

The outside https website is used as an iframe to accept bookings.