I use Slim 3 with the proxy-detection-library from Akrabat: https://github.com/akrabat/proxy-detection-middleware/
The uri in the request object is rewritten correctly, but I also use the uri/base-url in the code before app start, especially (but not only) in the twig-view and in my own twig-extensions. Here the links have http instead of https. Example code:
$container['view'] = function ($container)
{
$path = ...
$cache = ...
$view = new \Slim\Views\Twig( $path, [
'cache' => $cache,
]);
$router = $container->get('router');
# Here we use $_SERVER which generate urls with http
$uri = \Slim\Http\Uri::createFromEnvironment(new \Slim\Http\Environment($_SERVER));
$view->addExtension(new Slim\Views\TwigExtension($router, $uri));
....
# here I add a frontend-class for assets which also produce http instead of https
$view->getEnvironment()->addGlobal('assets', new \Typemill\Assets($uri->getBaseUrl()));
return $view;
};
The uri is generated with the original server-params with the http scheme. I ended up writing a static helper class called getUri where I apply the same logic as the proxy-middleware, but that copy code does not make sense to me.
I could overwrite the server params with https, but it feels dirty. Or just check X-Forwarded-Proto and only overwrite scheme without port and host, but I fear to run into other issues then.
Is there an elegant way to fix that problem? Maybe I misunderstand the concept here?