Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

shaungbhone's avatar

Ziggy gives me http not secure in my prod site!

Hello guys, I got error HTTP error on my production site. Ziggy gives me an HTTP URL (not secure) when I look at with chrome view page source, I got that script.

<!-- Scripts -->
        <script type="text/javascript">
    const Ziggy = {"url":"http:\/\/www.mywebsite.co","port":null,"defaults":{},"routes":{"sanctum.csrf-cookie":{"uri":"sanctum\/csrf-cookie","methods":["GET","HEAD"]},"filepond-process":{"uri":"filepond","methods":["POST"]},"filepond-patch":{"uri":"filepond","methods":["PATCH"]},"filepond-head":{"uri":"filepond","methods":["GET","HEAD"]},"filepond-revert":{"uri":"filepond","methods":["DELETE"]},"contact":{"uri":"contact","methods":["GET","HEAD"]},"contact.create":{"uri":"contact\/create","methods":["GET","HEAD"]},"contact.store":{"uri":"contact","methods":["POST"]},"contact.show":{"uri":"contact\/{contact}","methods":["GET","HEAD"],"bindings":{"contact":"id"}},"contact.edit":{"uri":"contact\/{contact}\/edit","methods":["GET","HEAD"],"bindings":{"contact":"id"}},"contact.update":{"uri":"contact\/{contact}","methods":["PUT","PATCH"],"bindings":{"contact":"id"}},"contact.destroy":{"uri":"contact\/{contact}","methods":["DELETE"],"bindings":{"contact":"id"}},"users.index":{"uri":"users","methods":["GET","HEAD"]},"users.create":{"uri":"users\/create","methods":["GET","HEAD"]},"users.store":{"uri":"users","methods":["POST"]},"users.show":{"uri":"users\/{user}","methods":["GET","HEAD"]},"users.edit":{"uri":"users\/{user}\/edit","methods":["GET","HEAD"],"bindings":{"user":"id"}},"users.update":{"uri":"users\/{user}","methods":["PUT","PATCH"],"bindings":{"user":"id"}},"users.destroy":{"uri":"users\/{user}","methods":["DELETE"],"bindings":{"user":"id"}},"dashboard":{"uri":"dashboard","methods":["GET","HEAD"]},"components.buttons":{"uri":"components\/buttons","methods":["GET","HEAD"]}}};
0 likes
5 replies
Sinnbeck's avatar

Do you have ASSET_URL set in your env? Or APP_URL? Are they with with https ?

shaungbhone's avatar
shaungbhone
OP
3 years ago
Best Answer
Level 28

I made that. It's working now. But all scripts are showing in view-page source.

JordanBain's avatar

if you're using a cdn like cloudfront with inertiajs you need to forward the inertia headers else the server will return a html response in stead of the a json response. Hence the modal iframe that pops up. You can find out more here inertiajs.com/the-protocol. Hope this helps.

Please or to participate in this conversation.