Backend: use of cdn causes remixicon.symbol.svg to not download due to its being an svg used with <use> tag

Question

Backend: use of cdn causes remixicon.symbol.svg to not download due to its being an svg used with <use> tag

Opened this issue 4 months ago · 0 comments

rabbitbike commented 4 months ago

Solidus Version:
Solidus 4.3

To Reproduce

Deploy app with Rails.application.config.asset_host set to a cdn.

Current behavior

The "remixicon.symbol.svg" file used for admin menu icons fails to download.

Unsafe attempt to load URL https://cdn.<sitename>.com/assets/spree/backend/themes/solidus_admin/remixicon.symbol-b236392313df892b716a85fbda18cf45f13a558388803221c105fff3651d275a.svg from origin https://www.<sitename>.com. Domains, protocols and ports must match.

Expected behavior

Should be able to download the svg file and show admin menu icons.

Additional context

It seems like use of svg files with <use> tag has issues when served from cdn.
I could not make it work through cdn settings, etc, so I would like to raise this as an issue.

I think I was able to resolve this issue by overriding asset_host in Spree::Admin::BaseController as follows, but I'm not sure if this is an optimal way to solve this:

def self.prepended(base)
       base.asset_host = proc { |source, request|
          if source.match? /remixicon[\w.-]+svg\z/
            request.try(:host).presence || "www.<sitename>.com"
          else
            "cdn.<sitename>.com"
          end
        }
      end

I hope a fix is provided or the documentation is updated to discuss this in detail.

Thank you🙏

Screenshots