• Welcome to the Chevereto User Community!

    Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.

    Please keep in mind:

    • This community is user-driven. Always be polite and respectful to others.
    • Support development by purchasing a Chevereto license, which also gives you priority support.
    • Go further by joining the Community Subscription for even faster response times and to help sustain this space

CDN or URL of the icomoon.woff font

DeCysos

DeCysos

Phoenix Foto Service
I tried to enter a CDN in the /lib/Peafowl/peafowl.css file. In Row 7386-7390
In my case that was Cloudflare's. But then I noticed that the icomoon.woff file was of different content which is already in the script.
So I looked further and found jsDelivr which offers the exact same file as CDN.

Well done, first try with Cloudflare, which unfortunately does not work and only threw out strange symbols.

Continue trying with the service from jsDelivr, but also the same problem there.

Now I ask the question in the room: Is it even possible to specify a CDN for this font?
 
Sort by date Sort by votes
As far as I've read about CORS, this can also affect security.

For test purposes I have entered the following in the Apache header:
Header set Access-Control-Allow-Origin "*"

Unfortunately, this was not successful, that is, it shows no icon.
But as I said, since this can probably affect security, I will refrain from this function in the future, since it is not so important that security has to be jeopardized.
 
Upvote 0 Downvote
Thats why you enable CORS for the specific resources, no one enable CORS for everything. Using CORS is not a security flaw, your understanding about the concept is wrong.
 
Upvote 0 Downvote
Well I read on various websites that it would not be advisable to make CORS accessible to everyone.

Of course I would not do that either.

First tried to open for a specific domain.
But this failed.
When trying to open this to everyone, this also unfortunately failed.

Maybe there are other methods, I have to deal with them a little more.
At the moment I only tried it via the header, which in my view was the most sensible variant.
 
Upvote 0 Downvote
I got it with the following model
[CODE title="Apache"]<FilesMatch "\.(ttf|otf|eot|woff|woff2)$">
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(google.com|staging.google.com|development.google.com|otherdomain.example|dev02.otherdomain.example)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header merge Vary Origin
</IfModule>
</FilesMatch>[/CODE]

However, this must be registered with the server that is to serve as the origin of the file.
In my case, my second server.

But I still ask why the whole thing doesn't work with CDN providers like Cloudflare.
It is most likely due to a completely different version of the font.
 
Last edited:
Upvote 0 Downvote
That is correct, apparently there are different versions of icomoon.

Free, Essential and Ultimate
https://icomoon.io/icons-icomoon.html

It is most likely because Chevereto uses other characters (different files) than those on the respective CDNs.
Now that I have got it to retrieve the data from the second server, it is not so bad that it does not work via a CDN. (Even if it were nicer)
 
Upvote 0 Downvote
You must log in or register to reply here.
Back
Top