If web-tinker is used behind an HTTPS reverse proxy, but the server itself is not HTTPS, it will generate HTTP based absolute URLs which then the tinker client will make requests to, and fail because of Mixed Content security errors.
The code that generates absolute URLs is in src/Http/Controllers/WebTinkerController.php
I have set the APP_URL environment variable to an HTTPS url.
If web-tinker is used behind an HTTPS reverse proxy, but the server itself is not HTTPS, it will generate HTTP based absolute URLs which then the tinker client will make requests to, and fail because of Mixed Content security errors.
The code that generates absolute URLs is in
src/Http/Controllers/WebTinkerController.phpI have set the
APP_URLenvironment variable to an HTTPS url.