Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Laravel generate secure https URL from route

Edit

I can't really find a way to generate a secure URL from route name.

To get a full URL, I use

echo route('my_route_name');

But what to do, if I want a URL with https?

like image 736
Mārtiņš Briedis Avatar asked Jun 26 '14 09:06

Mārtiņš Briedis


4 Answers

UPDATE: As pointed out in the comments, a simpler way of doing this would be adding URL::forceSchema('https'); for Laravel version between 4.2-5.3 or URL::forceScheme('https'); for version 5.4+ in the boot method of your AppServiceProvider file.

Old answer:

It's actually entirely possible and there's only one line of code needed to accomplish that.

Laravel doesn't check the presence of SSL by itself, it depends on Symfony. And there goes our key to making it believe that the current request is secure.

The thing is, we have to set the HTTPS server param to true and the easiest method is to paste the following code in the boot method of your AppServiceProvider:

$this->app['request']->server->set('HTTPS', true);

In my very case, I only need to force SSL in production, the local env should still work on http. This is how I force SSL only on production:

$this->app['request']->server->set('HTTPS', $this->app->environment() != 'local');

By the way, mind those terms, you may need them in the future.

like image 166
Ionut Bajescu Avatar answered Nov 18 '22 08:11

Ionut Bajescu


Actually turns out, that laravel doesn't care if url is secure or not, because it generates based on the current url. If you're on https page, route() will return secure url. If on http, then http:// url

The problem was, that Laravel didn't detect that https was enabled, which was due to faulty server configuration.

You can check if Laravel sees the current connection as https by calling Request::isSecure();

like image 44
Mārtiņš Briedis Avatar answered Nov 18 '22 08:11

Mārtiņš Briedis


Laravel 8

I recently resolved this by modifying this file:

app/Providers/AppServiceProvider.php

in the method boot() add the following:

URL::forceScheme('https');

Add the use in the top:

use Illuminate\Support\Facades\URL;

to work in your local environment you can leave it like this:

public function boot()
{
    if(env('APP_ENV') !== 'local') {
        URL::forceScheme('https');
    }
}

Note: Don't forget to set your env variable APP_ENV with prod for the production file.

APP_ENV=prod
like image 35
Oscar Gallardo Avatar answered Nov 18 '22 08:11

Oscar Gallardo


As I mentioned in a relevant question, I found 5 ways of how to generate secure URLs.

  1. Configure your web server to redirect all non-secure requests to https. Example of a nginx config:

    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name example.com www.example.com;
        return 301 https://example.com$request_uri;
    }
    
  2. Set your environment variable APP_URL using https:

    APP_URL=https://example.com
    
  3. Use helper secure_url() (Laravel5.6)

  4. Add following string to AppServiceProvider::boot() method (for version 5.4+):

    \Illuminate\Support\Facades\URL::forceScheme('https');
    
  5. Implicitly set scheme for route group (Laravel5.6):

    Route::group(['scheme' => 'https'], function () {
        // Route::get(...)->name(...);
    });
    

    At the moment this way is not documented, but it works well.

like image 13
Prisacari Dmitrii Avatar answered Nov 18 '22 08:11

Prisacari Dmitrii