[5.4] Fix cache in mix method.

[mathieutu]

Fix #19764.

[taylorotwell]

We need a clear explanation of what is wrong with it. Someone disagreed that it was broken in that thread.

[mathieutu]

As I said in #19764 (comment):

If you look at the code, you will directly see that this can't work.
as I said and @djtarazona showed in #19764 (review), the $manifestKey is added as a key of $manifests and the check is done in the values of the array with in_array. We have to use array_key_exists or isset here.

The mix method will continue to work globally, but it will no longer have a cache system.
If you test it with code coverage, you will directly see that this piece of code is never used.

We could stop wasting time with this kind of discussion if things were tested (like in the PR you closed...).

[VinnyWeb1]

Adding asset() here broke our app by adding full URLs instead of relative. URLs were not secure causing the browser to not load them.

[mathieutu]

Hi @VinnyWeb1 , I'm sorry about that I didn't think about this.. weird case.

Do you know why your assets urls are not secure?
If you use https, they should be, no? The asset() method is made exactly for that case, and even in the doc you can read it manages https:

"Generate a URL for an asset using the current scheme of the request (HTTP or HTTPS):"

The check for secure url is done here.

You can quickly fix that using the URL::forceScheme('https'); method in a service provider if you don't find the origin of your problem. 😥

[VinnyWeb1]

Hey @mathieutu , I'm not exactly sure why they aren't HTTPS, it may be one of our configurations we have set. But when we develop locally, we don't use HTTPS, our beta servers and production servers both have SSLs installed. We've always tried to use relative URLs instead absolute url due to a similar issue to this. But since v5.4.29, our stylesheets and javascript failed to load, so i temporarily reverted back to v5.4.28.

I guess i can do some sort of environment check and force HTTPS with that function you provided. But i'm not sure why, but asset() and route() both return HTTP URLs.

Edit: I'm thinking it may be because we're using AWS Elastic Beanstalk and the SSL is on the Load Balancer. So Laravel might not know about the certificate?

[mathieutu]

Yeah we all have the same pattern (http in local, https in prod)
I'm testing if it's working that on my side, and let you know.

[VinnyWeb1]

I went ahead and tested it as well and it is working on local, beta, and production. Thanks @mathieutu

[dwightwatson]

I've made a PR that reverts the addition of the asset function here. It broke my app where we prefix the mix path with another host name (we serve our assets from a CDN rather than the app itself). I think it's better to leave the host off to maximise flexibility.

As far as Laravel not realising it's a HTTPS connection behind a load balancer like on Elastic Beanstalk, you probably need to use the TrustedProxies package which you can use to instruct Laravel that it is in fact a secure connection, despite the fact it's handed off as a standard HTTP request.