Localhost reverse/forward proxy.

(Apologies if this is daft, I'll delete if I don't make any sense.) A lot of devs are familiar with this message:

Access to Font at 'https://www.website.com/font.woff' from origin 'http://localhost' 
has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'http://loclahost' is therefore not allowed access.

My Situation:

I am trying to retrieve resources, such as fonts, from a server http(s)://server.com/resources/1.tff. I am requesting these resources from within an iframe inside a webpage on http://localhost/iframepage/.

I know I could launch chrome with --disable-web-security but this doesn't always work. So my plan is to create a reverse proxy on my localhost host to allow my localhost to request the resource by the method of something like this: http://rp.localhost/submit/<http(s)://server.com/resources/1.tff>. But how do I set this up?

I've also tried ngrok, as well as actual local IP address, lvh.me etc, also ended up in the same result.

My localhost environment is WAMP which runs my http://localhost/iframepage/.

Can I use Apache to do this, which is already running my app or do I need something like nginx to run a separate server locally? Any advice would be appreciated and tutorial would be awesome!

NB: The font resource is being loaded from a css file which is also inserted into the iframe. So the iframe loads the CSS, but then doesn't load the font.

Update:

I'll be configuring my Apache to follow the format of: http://rp.localhost/submit/<http(s)://server.com/resources/1.tff>

But my next question is how do I make the resource URL (<http(s)://server.com/resources/1.tff>) a variable? I.e. The number or URL's is unknown and the name of the URL is also unknown until the opint of requesting the resource. By that I mean I need to find a way to proxy things without pre-configuring the Apache server with the domain names of the resources being requested. thoughts?