Laravel does not use https for assets and dynamic routes

Question

Laravel does not use https for assets and dynamic routes

I changed APP_URL = https://example.com , I added this to my AppServiceProvider download method:

/** Enable HTTPS */
if(env('REDIRECT_HTTPS')) {
    $url->forceSchema('https');
}

And I launched php artisan cache:clear, php artisan view:clearand php artisan config:clear. I still cannot get assets and dynamic routes for using https. Just getting an error:

Mixed Content: A page labeled https://example.com/ 'was loaded via HTTPS but requested an insecure stylesheet' http://example.com/css/app.css '. This request is blocked; content must be transmitted via HTTPS.

I know what I can use secure_assetinstead asset, and this should work, but I need it to be dynamic, because I still need to serve the http version of the site at the moment in a different domain.

+4

http php https laravel

Ryan bobrowski Feb 02 '18 at 20:14

source share

1 answer

ceejayoz · Accepted Answer · 2018-02-02T20:39:38+0000

The assistant asset()relies on a couple of possibilities to determine whether to create an HTTP or HTTPS URL:

$_SERVER['HTTPS'] on. This is the way to make Apache. For nginx, you can set this server parameter yourself in the configuration.
$_SERVER['HTTP_X_FORWARDED_PROTO'] https.

, , X-Forwarded-Proto, Laravel , . , Laravel , , TrustedProxy. (edit: Laravel)

: Symfony2: getScheme "https" ( Laravel Symfony getScheme())

Laravel does not use https for assets and dynamic routes

More articles: