Skip to content

Commit d59fdaa

Browse files
kenjiskenjis
committed
fix: force_https() redirects to wrong URL
1 parent e56e460 commit d59fdaa

File tree

1 file changed

+2
-18
lines changed

1 file changed

+2
-18
lines changed

system/Common.php

Lines changed: 2 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -502,27 +502,11 @@ function force_https(
502502
Services::session()->regenerate(); // @codeCoverageIgnore
503503
}
504504

505-
$baseURL = config(App::class)->baseURL;
506-
507-
if (strpos($baseURL, 'https://') === 0) {
508-
$authority = substr($baseURL, strlen('https://'));
509-
} elseif (strpos($baseURL, 'http://') === 0) {
510-
$authority = substr($baseURL, strlen('http://'));
511-
} else {
512-
$authority = $baseURL;
513-
}
514-
515-
$uri = URI::createURIString(
516-
'https',
517-
$authority,
518-
$request->getUri()->getPath(), // Absolute URIs should use a "/" for an empty path
519-
$request->getUri()->getQuery(),
520-
$request->getUri()->getFragment()
521-
);
505+
$uri = $request->getUri()->withScheme('https');
522506

523507
// Set an HSTS header
524508
$response->setHeader('Strict-Transport-Security', 'max-age=' . $duration)
525-
->redirect($uri)
509+
->redirect((string) $uri)
526510
->setStatusCode(307)
527511
->setBody('')
528512
->getCookieStore()

0 commit comments

Comments
 (0)