Mixed content during redirect after success login

[ink-ru]

Not sure that have same problem as described here - https://github.com/orgs/orchidsoftware/discussions/1671 , need help with investigation.
My server not handles SSL headers at all. All requests and serts located outside server. Solution will be useful for all who wants to use Orchid in docker.

Description
Error on fronted side after submit login form with HTTPS. Console shows - mixed content while redirect
After manual following to target page all works. User logged-in.
URL::forceScheme('https') in AppServiceProvider
Server located inside intranet and HTTPS requests target port is 80
On clean installation without SSL works fine.
Any page with force changing protocol to HTTP redirects to HTTPS successfully

To Reproduce
Enable HTTPS on 80 port
Try to login

Expected behavior
Same behavior both with and without HTTPS on. Same proto for all requests.

Screenshots
I try to upload in few hours

Desktop (please complete the following information):

OS: Ubuntu 22.04
Browser: Chrome
Version: 121.0.6167.85 (Official Build) (64-bit)

Server (please complete the following information):
Laravel Version: 6.2
PHP Version: 8.1
Database: PostgreSQL
Database Version: 14.10

Additional context
I can configure server to handle 443 port but not need to find solution for any.
Tried some ways to fast fix.
Turbolinks-Location header not helps.
return redirect()->to('https://example.com/target-route-uri') helps but makes another error in RedirectIfAuthenticated:
return $next($request);

$request not callable

[macit-emre]

this occurs when you setup your env with an ssl resolver proxy (like nginx or something).

You may configure your proxy webserver that offloads ssl to add an extra header (X-FORWARDED-PROTOCOL or sth not guessable) that request comes from HTTPS or not. As we use it the same way which cloudflare sends incoming requests, you may use this codeblock in your public/index.php at the top.

if($_SERVER["HTTP_X_FORWARDED_PROTO"] == 'https'){
        $_SERVER["HTTPS"] = 'on';
    }

or the complete cloudflare solution :

if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
    if($_SERVER["HTTP_X_FORWARDED_PROTO"] == 'https'){
        $_SERVER["HTTPS"] = 'on';
    }
    if ($_SERVER['HTTP_CF_VISITOR']){
        $httpCfVisitor = @json_decode($_SERVER['HTTP_CF_VISITOR']);
        if ($httpCfVisitor){
            $scheme = $httpCfVisitor->scheme ?? 'http';
            if ($scheme == 'https'){
                $_SERVER["HTTPS"] = 'on';
            }
        }
    }
}

dont forget to set your app_url in .env starting with https as https://blabla.bla
this will only may resolve your problem i guess.

• if you have any further questions, i try to answer.