#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+--------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Keywords:
---------------------------+--------------------------------------
This is confirmed by (no Access-Control-Allow-Origin: *: in the response)
curl -I https://staging.grass.osgeo.org/plugins/fontawesome/fonts
/fontawesome-webfont.ttf?v=4.7.0
@neteler I suggest to edit the nginx config as follow, in order to get rid
of those errors
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)|(woff2) $){
add_header Access-Control-Allow-Origin *;
}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by neteler):
I have just changed that (it is an Apache server), see
https://github.com/OSGeo/grass-website/issues/26
But surprisingly, there is no SSL certificate (configured) within the
server. Hence all sub-pages are delivered in http and not https. Where to
fix that?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
neteler,
I added these fonts to the nginx allowed mime-types. Guess ttf is not
included by default.
Now I see this
{{{
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 22 Mar 2020 13:20:00 GMT
Content-Type: font/ttf
Content-Length: 165548
Connection: keep-alive
Last-Modified: Sat, 07 Dec 2019 17:14:50 GMT
ETag: "286ac-599204cd7bade"
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://staging.grass.osgeo.org
Front-End-Https: on
}}}
Is that sufficient or you really need it to be *
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
For reference -- I changed the /etc/nginx/mime-types on the osgeo7 nginx
proxy container.
https://git.osgeo.org/gitea/sac/osgeo7/commit/99b374426f135f5371ad25fe8ba0d169da35680b
{{{
diff --git a/etc/nginx/mime.types b/etc/nginx/mime.types
index 89be9a4..d4c9c4b 100644
--- a/etc/nginx/mime.types
+++ b/etc/nginx/mime.types
@@ -25,6 +25,9 @@ types {
image/webp webp;
application/font-woff woff;
+ application/font-woff2 woff2;
+ application/x-font-ttf ttc ttf;
+ application/x-font-otf otf;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
}}}
The other ones were already in there. before the change there was no
Access-Control-Allow-Origin: line showing in the head call. This as a
result will take effect for all proxied sites which I think is desirable.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Changes (by robe):
* cc: neteler (added)
* status: new => closed
* resolution: => fixed
Comment:
neteler,
I think this is all set right? Feel free to reopen if you still have
issues.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Changes (by mlennert):
* status: closed => reopened
* resolution: fixed =>
Comment:
We are seeing issues with mirror sites: https://github.com/OSGeo/grass-
website/issues/22. IIUC, in order for CORS to work here (i.e. mirror sites
accessing the fontawesome fonts from the original grass site), the Access-
Control-Allow-Origin header would have to be set to '*' instead of
'https://staging.grass.osgeo.org'.
For that, it seems that something like this would do the trick in the
Apache virtualhost config:
{{{
<FilesMatch ".(eot|otf|ttf|woff|woff2)">
Header always set Access-Control-Allow-Origin "*"
</FilesMatch>
}}}
Would it be possible to try this ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by neteler):
On the grasslxd server, in `/etc/apache2/sites-enabled/000-default.conf`
there is already for a while:
<VirtualHost *:80>
...
<FilesMatch ".(eot|ttf|otf|woff|woff2)">
Header set Access-Control-Allow-Origin
"https://staging.grass.osgeo.org"
</FilesMatch>
# https://trac.osgeo.org/osgeo/ticket/2428#comment:3
RemoteIPHeader X-Real-IP
RemoteIPInternalProxy nginx.lxd
</VirtualHost>
Shall I change that to the suggestion in comment:5 ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:6>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by mlennert):
Replying to [comment:6 neteler]:
> On the grasslxd server, in `/etc/apache2/sites-enabled/000-default.conf`
there is already for a while:
>
> {{{
> <VirtualHost *:80>
> ...
> <FilesMatch ".(eot|ttf|otf|woff|woff2)">
> Header set Access-Control-Allow-Origin
"https://staging.grass.osgeo.org"
> </FilesMatch>
>
> # https://trac.osgeo.org/osgeo/ticket/2428#comment:3
> RemoteIPHeader X-Real-IP
> RemoteIPInternalProxy nginx.lxd
>
> </VirtualHost>
> }}}
>
>
> Shall I change that to the suggestion in comment:5 ?
Yes, please. AFAIU, the
{{{
Header set Access-Control-Allow-Origin "https://staging.grass.osgeo.org"
}}}
limits the access to these fonts to requests coming from
staging.grass.osgeo.org. However, we want access to be granted to all
mirror sites as well. Using '*' is the easiest option. Another would be to
gather all mirror site domains and list them explicitly. Don't know how
feasible that would be.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by neteler):
ok I have changed to "*" and restarted apache.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by mlennert):
Replying to [comment:8 neteler]:
> ok I have changed to "*" and restarted apache.
That seems to solve the issue for me.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:9>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
Anything I need to change or all set here?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:10>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2427: issue with fonts showing on staging.grass.osgeo.org, allow origin update
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Changes (by neteler):
* status: reopened => closed
* resolution: => fixed
Comment:
All good now! Closing
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2427#comment:11>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.