如果强制HTTPS，则“重定向过多”，否则通过HTTP加载资产

Question

我已经为Laravel网站安装了SSL证书，但是当我以https://example.com的身份打开它时，CSS / JS资产是通过HTTP加载的。例如，asset('css/charts.css')等于http://example.com/public/css/charts.css，浏览器因为不安全而拒绝加载它。

因此，我遵循以下几个SO问题的答案，通过执行以下操作来强制所有链接变为HTTPS：

1）将HTTPS_ONLY=true添加到了.env 2）在app/Providers/AppServiceProvider.php中添加了以下内容：

if(env('HTTPS_ONLY')){
    $url->forceScheme('https');
}

在服务提供商的boot方法内部。但是，在执行此操作并尝试打开https://example.com之后，我收到了ERR_TOO_MANY_REDIRECTS错误。

这是域的虚拟主机文件：

<VirtualHost *:80>
    ServerAdmin myemail@gmail.com
    ServerName example.com
    DocumentRoot /var/www/example.com/public
    <Directory /var/www/example.com/public>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

因此，这里没有与HTTPS相关的内容。在example.com/public中，我也查看了一个.htaccess文件，但它的内容也看起来很纯洁：

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

有人知道这个问题可能是什么，我该如何调试呢？这些都在Apache，Ubuntu 18.04服务器上。

Answer 1

asset，url helper将遵循此环境（.env）值，因此应这样更改

APP_URL=https://example.com

并运行php artisan config:clear

Answer 2

我正在使用此配置进行https重定向 appserviceprovider.php中的以下内容

if(config('app.env') === 'production') { \URL::forceScheme('https'); }

.htaccess在公共场合              选项-MultiViews-索引     

RewriteEngine On

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]

# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]