Laravel9 \URL::forceScheme('https') Partial Failure

[Purek]

• Laravel Version: 9.3.1
• PHP Version: 8.0.16
• Database Driver & Version:mysql-5.7.37

Description:

I passed AppServiceProvider in the boot() method to achieve https

if($this->app->environment('production')) {
    \URL::forceScheme('https');
}

Mailbox verification will now return 403 invalid signature

I try in vendor/laravel/framework/src/Illuminate/Routing/UrlGenerator.php

    public function hasCorrectSignature(Request $request, $absolute = true, array $ignoreQuery = [])
    {
        $ignoreQuery[] = 'signature';
        $url = $absolute ? $request->url() : '/'.$request->path();
        $queryString = collect(explode('&', $request->server->get('QUERY_STRING')))
            ->reject(fn ($parameter) => in_array(Str::before($parameter, '='), $ignoreQuery))
            ->join('&');
        $original = rtrim($url.'?'.$queryString, '?');
        $signature = hash_hmac('sha256', $original, call_user_func($this->keyResolver));

        dd($signature . " :: " . $request->query('signature', ''));

        return hash_equals($signature, (string) $request->query('signature', ''));
    }

I found that the two values are different. I further found that it is because the value passed by $request->url() is http://

Steps To Reproduce:

1. .env APP_URL=https:xxx
2. passed AppServiceProvider in the boot()

   if($this->app->environment('production')) {
   \URL::forceScheme('https');
   }

   3.Send email link

Thanks!

[driesvints]

Hi there,

Thanks for reporting but it looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library itself. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

• Laracasts Forums
• Laravel.io Forums
• StackOverflow
• Discord
• Larachat
• IRC

However, this issue will not be locked and everyone is still free to discuss solutions to your problem!

Thanks.