JS and CSS HTTPS

[gragia79]

I am using the library in a new project. I set https for security but scripts and css are always loaded from http not https. "php": "^7.3||^8.0", "codeigniter4/framework": "^4.1.5", "codeigniter4/translations": "^4.1", "components/bootstrap-default": "^3.3", "tatter/assets": "^2.3",

My File in app/Config/

app.php

public $baseURL = 'https://mysite.loc'

Assets.php

public $webBase = 'https://mysite.loc'

error:

Mixed Content: The page at 'https://mysite.loc/index.php?debug=true&XDEBUG_SESSION_START=netbeans-xdebug' was loaded over HTTPS, but requested an insecure script 'http://mysite.loc.loc/?debugbar'. This request has been blocked; the content must be served over HTTPS.

Mixed Content: The page at 'https://mysite.loc/index.php?debug=true&XDEBUG_SESSION_START=netbeans-xdebug' was loaded over HTTPS, but requested an insecure script 'http://mysite.loc/assets/js/caricamento.js?v=1639567566'. This request has been blocked; the content must be served over HTTPS.

I don't know if it's an apache2 configuration problem or if Assets is misconfigured if I need to enable a flag ssl = true

[MGatner]

The tag creation uses the framework's HTML Helper functions script_tag() and link_tag(). Try outputting your settings to determine the actual values (instead of what you have in your file):

dd(config('App')->baseURL, config('Assets')->webBase);

You may also consider upgrading to Assets version 3 - it handles things a bit differently.

[MGatner]

Actually, since your Debug Toolbar JS has the same issue:

but requested an insecure script 'http://mysite.loc.loc/?debugbar'

... I'm fairly certain your baseURL is not set correctly. Check your .env file and consider enabling $forceGlobalSecureRequests.

Closing since this is confirmed not to be an issue with Assets - if you need more help try the CI4 forums.

[gragia79]

Thanks you