Laravel: Set asset without protocol

Question

Use asset helper function like below:

<script src="{{ asset('/assets/js/jquery-2.1.1.min.js') }}"></script>

will get

<script src="http://xxx.xxx.com/assets/js/jquery-2.1.1.min.js"></script>

Is there any laravel build-in solutions can let it be

<script src="//xxx.xxx.com/assets/js/jquery-2.1.1.min.js"></script>

and properly display with http and https protocols?

[EDIT]

I know that Laravel normally detects the protocol correctly, but when behind a load balancer, it does not. So I'm still looking for a solution to this.

You realize the `asset` helper has a second argument `$secure`? That means `{{ asset('/assets/js/jquery-2.1.1.min.js', true) }}` should give you want you want, if you know the protocol needs to be https. — jszobody, Oct 07 '16 at 14:49

Atrakeur · Answer 1 · 2016-10-07T09:38:50.177

Laravel create secured link only if the request is considered as secured.

Laravel has already a way to treat non httpS traffic as "secured" if it's comming from a "trusted proxies".

You can declare such trusted proxies in your application service provider like that:

 Request::setTrustedProxies(array( '199.27.128.0/21', 'some other range'));

Also, make sure your loadbalancer set the following headers correctly:

Host, X-Forwarded-Host, X-Forwarded-Port, X-Real-IP, X-Forwarded-For and X-Forwarded-Proto

"Public" proxies such as cloudflare already does this btw.

Basically the point here is that client connection is terminated at one of the frontend servers (acting as a proxy), thus we have to declare communication from that server as trusted so that laravel use headers from the proxy server instead of the values readed localy.

Doing this enable functions such as Request::isSecure() or Request::ip() to return a consistent result.

score 1 · Answer 2 · answered Dec 19 '14 at 09:38

1

Laravel will automaticly change the url of the asset to the protocol used to load the site.

If your site is loaded over a secure connection, the asset links will automaticly use https.

Update:

If you do want to display the assets with only //, you could write your own HTML macro.

answered Dec 19 '14 at 09:38

Jerodev

32,252
11
87
108

The problem is that if a site is behind a load balancer, it shows http links where it should be https links. – kramer65 Oct 07 '16 at 09:10

score 1 · Answer 3 · answered Oct 11 '16 at 15:20

1

I had the same issue, then I discovered that the asset() method has an optional second variable, true or false for SSL requests.

The solution that I use is the following:

<link rel="stylesheet" href="{{ asset('assets/bootstrap/3.3.7/css/bootstrap.min.css', !App::isLocal()) }}" />

<script type="text/javascript" src="{{ asset('assets/parsley/2.4.4/parsley.min.js', !App::isLocal()) }}"></script>

Notice:

!App::islocal()

If my application environment is local, SSL isn't chosen, however in the production environment the assets will be called over SSL.

answered Oct 11 '16 at 15:20

Sledmore

300
2
10

Thats not the same as `//` – Oct 13 '16 at 14:14
Yup, true. However it will properly allow make a request over SSL, as the asset method is being told to provide it. – Sledmore Oct 13 '16 at 14:24

score 0 · Answer 4 · answered Dec 19 '14 at 09:40

The code that generates asset URLs is in illuminate/Routing/UrlGenerator.php

There is a forceSchema() method which could be easily modified to do what you require, though to be honest this functionality should probably be in Laravel and it may be worth submitting a pull request on their github.

score 0 · Answer 5 · answered Oct 07 '16 at 14:41

You should check this article http://ankitpokhrel.com/explore/overriding-base-url-in-laravel-5/. basically you can override url() function in your AppServiceProvider to generate urls like /assets/something.js instead of http://example.com/assets/something.js

Rakesh Sojitra · Answer 6 · 2016-10-11T07:34:16.967

asset() generate a URL for an asset using the current scheme of the request (HTTP or HTTPS):

And if you want to provide an external URL for which you don't know about http or https like cdn URL you can write like below

<script src="{!! asset('//code.jquery.com/jquery-2.1.1.min.js') !!}"></script>

However you can write like

<script src="//{!! Request::server ('HTTP_HOST').'/assets/js/jquery-2.1.1.min.js' !!}"></script>

OR

<script src="{!! asset('//'.Request::server ('HTTP_HOST').'/assets/js/jquery-2.1.1.min.js') !!}"></script>

score 0 · Answer 7 · answered Oct 12 '16 at 11:15

0

I normally use

<script src="/assets/js/jquery-2.1.1.min.js"></script>

without calling the asset() function

dirty I know, but in 90% of the sites I worked, it is a perfect solution

answered Oct 12 '16 at 11:15

Luca C.

11,714
1
86
77

score 0 · Answer 8 · answered Sep 06 '18 at 07:16

This might help someone.

Helper function way :

function schemalessAsset($path)
{
    if (url()->isValidUrl($path)) {
        return str_replace(['http:','https:'], '', $path);
    }

    return url()->assetFrom(url()->formatRoot('//'), $path);
}

Macroable way :

URL::macro('schemalessAsset', function ($path) {
    if (URL::isValidUrl($path)) {
        return str_replace(['http:','https:'], '', $path);
    }

    return URL::assetFrom(URL::formatRoot('//'), $path);
});

Tested in Laravel 5.6. It should work in other versions as well.

Laravel: Set asset without protocol

8 Answers8