fix(runtime): force app_url/force_https per-request via middlewar

2026-04-03 10:30:51 +08:00 · 2026-03-19 04:19:29 +08:00
parent 139b34ca19
commit 47983dec40
6 changed files with 34 additions and 11 deletions
--- a/app/Helpers/Functions.php
+++ b/app/Helpers/Functions.php
@@ -1,6 +1,5 @@
 <?php
 use App\Support\Setting;
-use Illuminate\Support\Facades\App;

 if (!function_exists('admin_setting')) {
    /**
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -37,6 +37,7 @@ class Kernel extends HttpKernel
 //            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
 //            \App\Http\Middleware\VerifyCsrfToken::class,
 //            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            \App\Http\Middleware\ApplyRuntimeSettings::class,
        ],

        'api' => [
@@ -46,6 +47,7 @@ class Kernel extends HttpKernel
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
            // \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api',
            // \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            \App\Http\Middleware\ApplyRuntimeSettings::class,
            \App\Http\Middleware\ForceJson::class,
            \App\Http\Middleware\Language::class,
            'bindings',
--- a/app/Http/Middleware/ApplyRuntimeSettings.php
+++ b/app/Http/Middleware/ApplyRuntimeSettings.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\URL;
+
+class ApplyRuntimeSettings
+{
+    public function handle(Request $request, Closure $next)
+    {
+        $appUrl = admin_setting('app_url');
+        if (is_string($appUrl) && $appUrl !== '') {
+            URL::forceRootUrl($appUrl);
+        }
+
+        if ((bool) admin_setting('force_https', false)) {
+            URL::forceScheme('https');
+        }
+
+        return $next($request);
+    }
+}
+
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@@ -23,11 +23,7 @@ class RouteServiceProvider extends ServiceProvider
     */
    public function boot()
    {
-        //
-        if (admin_setting('force_https')) {
-            resolve(\Illuminate\Routing\UrlGenerator::class)->forceScheme('https');
-        }
-
+        // HTTPS scheme is forced per-request via middleware (Octane-safe).
        parent::boot();
    }

--- a/app/Providers/SettingServiceProvider.php
+++ b/app/Providers/SettingServiceProvider.php
@@ -3,10 +3,8 @@
 namespace App\Providers;

 use App\Support\Setting;
-use Illuminate\Support\Facades\URL;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Contracts\Foundation\Application;
-use Illuminate\Support\Facades\Log;

 class SettingServiceProvider extends ServiceProvider
 {
@@ -30,8 +28,6 @@ class SettingServiceProvider extends ServiceProvider
     */
    public function boot()
    {
-        if ($appUrl = admin_setting('app_url')) {
-            URL::forceRootUrl($appUrl);
-        }
+        // App URL is forced per-request via middleware (Octane-safe).
    }
 }
--- a/app/Services/ServerService.php
+++ b/app/Services/ServerService.php
@@ -239,6 +239,11 @@ class ServerService
            default => [],
        };

+        $response = array_filter(
+            $response,
+            static fn ($value) => $value !== null
+        );
+
        if (!empty($node['route_ids'])) {
            $response['routes'] = self::getRoutes($node['route_ids']);
        }