修复：腾讯 EdgeCDN HTTPS 回源 HTTP 导致的 Mixed Content 错误

配置 trustProxies(at: '*')，让 Laravel 信任 CDN 转发的 X-Forwarded-Proto: https 请求头，url()/route() 自动生成 https:// 链接，解决 CDN 接入后登录表单请求被浏览器 Mixed Content 策略拦截的问题。
2026-03-03 13:45:35 +08:00
parent e21f049643
commit 9b6ebbedb3
1 changed files with 7 additions and 3 deletions
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -12,10 +12,14 @@ return Application::configure(basePath: dirname(__DIR__))
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
+        // 信任所有代理转发头（腾讯 EdgeCDN HTTPS 回源 HTTP 场景）
+        // CDN 携带 X-Forwarded-Proto: https，Laravel 据此将请求识别为 HTTPS，url()/route() 生成正确的 https:// 链接
+        $middleware->trustProxies(at: '*');
+
        $middleware->alias([
-            'chat.auth' => \App\Http\Middleware\ChatAuthenticate::class,
-            'chat.level' => \App\Http\Middleware\LevelRequired::class,
-            'chat.site_owner' => \App\Http\Middleware\SiteOwnerRequired::class,
+            'chat.auth'         => \App\Http\Middleware\ChatAuthenticate::class,
+            'chat.level'        => \App\Http\Middleware\LevelRequired::class,
+            'chat.site_owner'   => \App\Http\Middleware\SiteOwnerRequired::class,
            'chat.has_position' => \App\Http\Middleware\HasActivePosition::class,
        ]);