Exclude 'remixicon.symbol.svg' from asset pipeline

[stewart]

Addresses #5657 - when a Solidus store has config.action_controller.asset_host configured to point to a different hostname than the Rails application (i.e. an assets CDN, in production), the admin menu icons do not render as expected.

This is because for security reasons, referencing SVG icons from an external file (using <use xlink:href="">) is not possible when the asset is served from a different domain to the one requesting it.

Providing an empty host option allows us to skip Rails' built-in asset-path helper methods that are falling back to the global asset_host config, and correct the issue.

Note: this change does result in the generated asset path being a protocol-prefixed relative URL (i.e. "http:/assets/solidus_admin/remixicon.symbol-[SHA].svg"), but this seems to work OK from my testing.

[tvdeyen]

Interesting. In Alchemy we have the same issue and we tried to fix it with a preload tag

1. Issue No icons in admin interface (CORS problem) AlchemyCMS/alchemy_cms#2937
2. PR that adds the preload Preload SVG Icon Sprite AlchemyCMS/alchemy_cms#3046

I have no assets host that I can test this with, though I trust your approach. But, can we try to preload the asset and verify if it works as well or not?

[jarednorman]

I tend to think this approach is fine (rather than preloads) because:

1. It's in the admin and serving one asset in the admin from the app server isn't a performance concern.
2. Keeping preloads in sync with usage seems like a maintenance burden. It would be pretty easy for people to change something and miss that.

[MadelineCollier]

The solidus_installer step will pass if you rebase this off main (which has a fix fpr that step merged now) :)