Moving from HTTP to HTTPS on Laravel behind CloudFlare

Question

I have a application made on laravel 5.2. It was running fine on HTTP.

I used asset function to generate full url instead of using relative one's like

<link rel="stylesheet" type="text/css" href="{{ asset('/css/bootstrap.min.css') }}">

According to laravel documentation here, the asset method automatically detects the request protocol and generates URL accordingly.

Now the application is not running on HTTPS, I can use secure_asset for HTTPS URLs, but then it will stop running on HTTP and localhost.

I know there is something I'm missing and it can't be so hard to just migrate from HTTP to HTTPS using laravel

PS - Cloudflare is being used for serving HTTPS requests.

Answer 1

All answers given till now are correct but none solved my problem.

The main problem was my application was behind CloudFlare

Laravel detects a Request as secure or insecure by checking a HTTP header i.e. $_SERVER['REQUEST_SCHEME'] which remains HTTP even the Request is HTTPS due to cloudflare.

CloudFlare sets a different header for the same i.e. $_SERVER['HTTP_X_FORWARDED_PROTO'] Which must be checked to detect a request is secure or not

Following this article and making some changes to this I successfully managed to generate HTTPS URL without making any changes to previous application code.

Answer 2

Accessing The Request To obtain an instance of the current HTTP request via dependency injection, you should type-hint the Illuminate\Http\Request class on your controller constructor or method https://laravel.com/docs/5.2/requests#request-information

instead of manually setting it through configs you could use Request::secure() to check, if the request is done over HTTPS