CODEWITHSUNDEEP
phplaraveldocker
Adam Winter
Adam Winter

Reputation: 1934

Laravel Mixed Content: HTTP error behind load balancer, docker.io/bitnami/laravel:9

I'm using the docker.io/bitnami/laravel:9 image behind a HAProxy load balancer / reverse proxy, and getting the following error in the browser console:

Mixed Content: The page at 'https://host.second.top/#' was loaded over HTTPS, but requested an insecure stylesheet 'http://host.second.top/css/app.css'. This request has been blocked; the content must be served over HTTPS.

Following this page: https://laravel.com/docs/5.5/requests#configuring-trusted-proxies I made my TrustProxies.php as follows:

<?php

namespace App\Http\Middleware;

use Illuminate\Http\Middleware\TrustProxies as Middleware;
use Illuminate\Http\Request;

class TrustProxies extends Middleware
{
    /**
     * The trusted proxies for this application.
     *
     * @var array<int, string>|string|null
     */
    protected $proxies = ['10.0.0.2'];

    /**
     * The headers that should be used to detect proxies.
     *
     * @var int
    *
    *protected $headers =
    *    Request::HEADER_X_FORWARDED_FOR |
    *    Request::HEADER_X_FORWARDED_HOST |
    *    Request::HEADER_X_FORWARDED_PORT |
    *    Request::HEADER_X_FORWARDED_PROTO |
    *    Request::HEADER_X_FORWARDED_AWS_ELB;
    */

    protected $headers = [
        Request::HEADER_FORWARDED => 'FORWARDED',
        Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
        Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
        Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
        Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
    ];
}

But I still get the same error.

I do not want to go around replacing "asset" with "secure_asset" everywhere, or make this conditional on production/test. I would like the method prescribed by Laravel, in the linked page, to work.

How do I get this to work with the Bitnami docker image?

Thank you.

Upvotes: 0

Views: 316

Answers (1)

Phani Shashank
Phani Shashank

Reputation: 98

I too had the same issue, for me the follwing worked

So, first modify APP_URL (and APP_ENV if needed) in the .env file, if you use assets helper, this shouldn't give any problem with the URL.

APP_ENV=production
APP_URL=https://example.com

Finally, add the following to the beginning of api.php or web.php:

if (App::environment('production')) {
    URL::forceScheme('https');
}

In some cases, the app environment may be "local" instead of "production", in which case the two files should match on that value.

Upvotes: 1

Related Questions