问题
I'm using Laravel 4.1, and want to force SSL site wide. My app is deployed on Heroku.
Added this to either App::before or as a filter:
if( ! Request::secure())
{
return Redirect::secure(Request::path());
}
But that gives me 'This webpage has a redirect loop' message.
If I access some page by typing in https:// by hand, it serves that page correctly; but any link or form action is pointed to http://, which I don't want.
Also, I tried to add https parameter to some route, e.g.:
Route::get('about', ['https', function()
{
// do something
}]);
but this returns 404 :(
Can someone help me out?
回答1:
I faced the same issue and finally found the solution by using :
App::before(function($request)
{
if( (Request::header('x-forwarded-proto') <> 'https') && !App::environment('local', 'staging')) {
return Redirect::secure(Request::getRequestUri());
}
});
It was due to Heroku passing this information in a different variable than the one used by default by Laravel.
And if you are interested in getting the right environment detection, this is what I used with Laravel and Heroku :
$env = $app->detectEnvironment(function() {
if (getenv('LARAVEL_ENV')) {
return getenv('LARAVEL_ENV');
} else {
return 'local'; // Default
}
});
You will need to set a "LARAVEL_ENV" environment variable in your different servers with local, staging or production.
With the two, only HTTPS traffic is forced on the production environment.
来源:https://stackoverflow.com/questions/23537869/laravel-force-ssl-gives-this-webpage-has-a-redirect-loop