currently i deploy a laravue app on heroku, and i got an error like this
mixed Content: The page at ‘https://example.herokuapp.com/’ was loaded
over HTTPS, but requested an insecure stylesheet
‘http://example.herokuapp.com/build/assets/app.55a1010a.css’. This
request has been blocked; the content must be served over HTTPS.
the problem caused by vite production importing assets file via http not https.
and this is how i import my assets file how to fix this problem?
@vite(['resources/js/app.js', 'resources/css/app.css'])
2
Answers
S1. Open .htaccess file and add the following line Header always set Content-Security-Policy "upgrade-insecure-requests;"
S2. remove these lines from your htaccess:
Please note that 443 port number is used for HTTPS requests.
As you are deploying to Heroku, you are probably behind a proxy.
So you have to set Trusted Proxies. (See doc at https://laravel.com/docs/9.x/requests#configuring-trusted-proxies)
You can open the file /app/Http/Middleware/TrustProxies.php and then enable all ip if you don’t know the proxy IP.