URI generated with Twig |theme and |media pipes?

We run OctoberCMS behind a proxy that performs HTTPS offloading. This means that traffic between the browser and the proxy goes over HTTPS, and between the proxy and our web server over HTTP. Because our server runs over HTTP, theme and media pipes references are generated as http://… However, because the pages are loaded via HTTPS, the browser refuses to load HTTP references (Mixed Content error).

The solution is not to use theme and media pipes, but this is not very practical. Is there a way to tell |theme and |media Twig pipes which protocol to generate for the URI? Or to have a pipes generating only the relative path reference without the domain and the port?

BTW, this error is in the OctoberCMS documentation too. Website address is https://octobercms.com and javascript reference is http://octobercms.com/themes/website/js/menu.js.

mixedcontent1452×370 40.2 KB

If the browser loads the content via https, it will never load the resource over http. The example in the documentation is wrong.

Not sure if October uses Laravel’s logic, but for a Laravel project, you have to configure the TrustProxies middleware to trust your proxy server’s headers.

Once this is configured, Laravel will detect that site is running in a HTTPS context even if the proxy request is sent using HTTP and generate the links accordingly.

Maybe this is worth a shot.

I don’t think Latafel should help with URL rewriting for resources. Basically, it should be done by a proxy. My question was whether Twig could do it.

We ended up running our backend servers with TLS/SSL because we couldn’t find any other option. The advantage of our system is that the proxy uses CA-signed certificates, and the connection to the backend servers can run with certificates that we sign ourselves. Of course, we sign them so that we don’t have to change certificates every year, as required by CAs.