skip to Main Content

currently i deploy a laravue app on heroku, and i got an error like this

mixed Content: The page at ‘https://example.herokuapp.com/’ was loaded
over HTTPS, but requested an insecure stylesheet
‘http://example.herokuapp.com/build/assets/app.55a1010a.css’. This
request has been blocked; the content must be served over HTTPS.

the problem caused by vite production importing assets file via http not https.
and this is how i import my assets file how to fix this problem?

    @vite(['resources/js/app.js', 'resources/css/app.css'])

2

Answers


  1. S1. Open .htaccess file and add the following line Header always set Content-Security-Policy "upgrade-insecure-requests;"

    S2. remove these lines from your htaccess:

    RewriteCond %{SERVER_PORT} ^443$
    RewriteRule (.*) http://www.example.com/$1 
    

    Please note that 443 port number is used for HTTPS requests.

    Login or Signup to reply.
  2. As you are deploying to Heroku, you are probably behind a proxy.
    So you have to set Trusted Proxies. (See doc at https://laravel.com/docs/9.x/requests#configuring-trusted-proxies)

    You can open the file /app/Http/Middleware/TrustProxies.php and then enable all ip if you don’t know the proxy IP.

    /**
    * The trusted proxies for this application.
    *
    * @var array<int, string>|string|null
    */
    protected $proxies = '*';
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search