All geek questions in one place

Laravel adjusts the power of https

Our site is hosted on a load balanced server. SSL offloading is done on the firewall, so the client accesses the proxy to the web server farm.

When the https request reaches our Laravel application, the HTTPS server variable is empty and Laravel does not seem to detect the https mode and generates URLs (assets and routes) like:

Is there a way to configure Laravel to make url generate https links? We prefer to have a configuration solution, because we have a development environment and an intermediate level that do not work under https.

Note: We have already tried the fideloper "trustedproxy" approach, and this has not led to changes. I assume that rewriting .htaccess is not an option, since htaccess rewrites are based on the same https header (we don't get it) or port (port 80, larvel calls port 443).

Thanks for the help.

+3
source share
2 answers

The Laravel UrlGenerator has a method called forceSchema that allows you to force the use of the scheme and ignore the request from the URL. Just create a service provider, SecureRoutingServiceProvider , that uses the Laravel IOC to override the default generator and returns an instance that forces a secure scheme:

 use Illuminate\Routing\UrlGenerator; use Illuminate\Routing\RoutingServiceProvider; class SecureRoutingServiceProvider extends RoutingServiceProvider { public function boot() { App::bind('url', function () { $generator = new UrlGenerator( App::make('router')->getRoutes(), App::make('request'); }); $generator->forceSchema('https'); return $generator; } parent::boot(); } }

Next, we need to register the service provider by adding it to the providers array in app/config/app.php :

 'providers' => array( ..., 'SecureRoutingServiceProvider', )

And all this to him. I tested this code and it works fine (in Laravel 4.2).

+3
source

Work on the same issue with the Laravel 5 Pagination Feature. For this, it is not enough to simply force the URL scheme in the generator, because it uses the URL associated with the request. After digging, I found a good fix.

Illuminate\Http\Request has an array of trustedProxies, which is mainly for this case.

I still used Bogdan's SecureRoutingServiceProvider as a starting point for the whitelist of our load balancer.

 public function boot() { Request::setTrustedProxies(['10.0.0.X']); // Here should be your internal LB IP parent::boot(); }

After that, everything turned out very well. Of course you should put the IP in the config / env file.

0
source

Source: https://habr.com/ru/post/1242670/

More articles:


All Articles