From 9b6ebbedb38721b1f3698035537c06ee030c8d1a Mon Sep 17 00:00:00 2001
From: lkddi <lkddi@163.com>
Date: Tue, 3 Mar 2026 13:45:35 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E8=85=BE=E8=AE=AF?=
 =?UTF-8?q?=20EdgeCDN=20HTTPS=20=E5=9B=9E=E6=BA=90=20HTTP=20=E5=AF=BC?=
 =?UTF-8?q?=E8=87=B4=E7=9A=84=20Mixed=20Content=20=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

配置 trustProxies(at: '*')，让 Laravel 信任 CDN 转发的
X-Forwarded-Proto: https 请求头，url()/route() 自动生成 https:// 链接，
解决 CDN 接入后登录表单请求被浏览器 Mixed Content 策略拦截的问题。
---
 bootstrap/app.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/bootstrap/app.php b/bootstrap/app.php
index 6a8c1f2..f259637 100644
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -12,10 +12,14 @@ return Application::configure(basePath: dirname(__DIR__))
         health: '/up',
     )
     ->withMiddleware(function (Middleware $middleware) {
+        // 信任所有代理转发头（腾讯 EdgeCDN HTTPS 回源 HTTP 场景）
+        // CDN 携带 X-Forwarded-Proto: https，Laravel 据此将请求识别为 HTTPS，url()/route() 生成正确的 https:// 链接
+        $middleware->trustProxies(at: '*');
+
         $middleware->alias([
-            'chat.auth' => \App\Http\Middleware\ChatAuthenticate::class,
-            'chat.level' => \App\Http\Middleware\LevelRequired::class,
-            'chat.site_owner' => \App\Http\Middleware\SiteOwnerRequired::class,
+            'chat.auth'         => \App\Http\Middleware\ChatAuthenticate::class,
+            'chat.level'        => \App\Http\Middleware\LevelRequired::class,
+            'chat.site_owner'   => \App\Http\Middleware\SiteOwnerRequired::class,
             'chat.has_position' => \App\Http\Middleware\HasActivePosition::class,
         ]);