Closed Jamesking56 closed 9 years ago
+1
+1
So, the base urls are generated here: https://github.com/CodeSleeve/asset-pipeline/blob/master/src/Codesleeve/AssetPipeline/Composers/JavascriptComposer.php#L15 and https://github.com/CodeSleeve/asset-pipeline/blob/master/src/Codesleeve/AssetPipeline/Composers/StylesheetComposer.php#L15 and https://github.com/CodeSleeve/asset-pipeline/blob/master/src/Codesleeve/AssetPipeline/Composers/ImageComposer.php#L15
AFAIK, that's the same url function as Laravel's core helper http://laravel.com/docs/helpers#urls. This ties it back to the rather unfortunate situation with how url protocols are handled with Laravel and Symfony. There's no way to just create a protocol agnostic link; they always have a protocol.
I have most of the routes on my application being manually forced to SSL roughly following this approach: http://stackoverflow.com/questions/19967788/laravel-redirect-all-requests-to-https. Looks like:
Route::filter('force.https', function()
{
if(!Request::secure())
{
$data = Input::all();
$query = http_build_query($data);
$query = $query ? "?".$query : null;
return Redirect::secure(str_replace('http:', 'https:', URL::current().$query))->withInput();
// return Redirect::secure(Request::getRequestUri()); /* broken on my development environment, but probably the "right" way to do this */
}
});
This, however, is redundant because I also have Apache setup to force all traffic to be secure... I still force the routes for portability reasons, but I digress.
I'm not 100% sure if it's peculiar to my environment, but somehow Laravel knows I want my routes to be secure. For example, when I call url()
it correctly returns https://mydomain.tld
and if I call url('/', array(), false)
(third parameter is boolean flag for secure/insecure), it will force the protocol to vanilla http and return http://mydomain.tld
. Clearly, it's picking up that https is intended as the default on my environment.
So, you may want to try messing with forcing your routes to https or with your Apache config to see if it just works.
FWIW, this issue was brought up before (https://github.com/CodeSleeve/asset-pipeline/issues/31) but the package and Laravel have undergone some significant changes since.
@Jamesking56 did you resolve this, and if so, what worked? Otherwise this should stay open.
Once issue I'm seeing is that if the site is mixed HTTP and HTTPS, the asset pipeline will cache URLs using whatever protocol happened to be active at the time of generation. If that happened to be a non-secured page, then assets on HTTPS fail to load due to URLs pointing to mixed content.
Hello,
I'm converting my Laravel application from Non-SSL to using SSL. How can I get the include tags generated by Asset-Pipeline to use the SSL version of my URL?