Ask a Question related to ASP.NET General, Design and Development.
-
Pooja Renukdas #1
Redirect to a secure page using HTTPS without an absolute URL
Hello,
I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.
Thanks a lot.
Pooja Renukdas Guest
-
Sending XML request to a secure server (https) ?
Hi everyone: I am having this problem of sending XML request to an address which starts with "https". The problem is I always get the error... -
Secure communication over https !
I am developing an application over the web(intranet app). Now my problem has to do with secure communication between browser and webserver. I... -
Is it possible to screen scrape a secure site (HTTPS).....
I know you can screen scrape a website using the System.Net.HttpWebResponse & System.Net.HttpWebRequest classes. But how do you screen scrape a... -
[PHP] Redirect to HTTPS
Here's another way to do it: <?php $url=$_SERVER; $url_array=parse_url($url); if($url_array!="https") { header("Location:... -
Redirect to HTTPS
I have a stupid question. I need if i be in a http make a redirect to https. Http is a 80 port and ssl is a 443 port if... -
Rajeev Soni #2 Re: Redirect to a secure page using HTTPS without an absolute URL
Hi
you can use
response.redirect(Request.ApplicationPath + "/Homepage.aspx");
rajeev
"Pooja Renukdas" <poojar@metasyssoftware.com> wrote in message news:u0vlrn2TDHA.2188@TK2MSFTNGP11.phx.gbl...> Hello,
>
> I have this web site where only two pages have to be secure pages and
> I need to call them using https, but since I have my development
> server and my production web server, I dont want to enter the absolute
> url like
> response.redirect("https://myProductionServer.com/SecurePage.aspx"),
> because when Im working in the development server I would have to
> change it back and forth everytime. Is there an easy way to do this
> without having to put the absolute address. And also, when Im finished
> with the secure pages, how do I go back to non-secure? just entering
> the address again just as http:// ? and again, how do I do it without
> using the whole URL. Cause in that case I would have to specify the
> absolute URL everywhere the users can click and go to another page,
> cause if they are in a secure session, and they move to another page
> without specifiying if it's https or just http, I think it would keep
> the https no matter what kind of page it is, unless I specify
> everywhere when it has to be https or http. I hope I make sense here.
>
> Thanks a lot.
>
>Rajeev Soni Guest
-
Sanjay Poojari #3 Re: Redirect to a secure page using HTTPS without an absolute URL
You can do the following. Obviously, you'll have to change the code a bit
to suit what you want, but i guess you can derive it from this...
if(Request.ServerVariables["HTTPS"].ToLower() == "off")
{
strBaseURL = "http://";
}
else
{
strBaseURL = "https://";
}
strBaseURL = strBaseURL + Request.ServerVariables["SERVER_NAME"] + ":";
strBaseURL = strBaseURL + Request.ServerVariables["SERVER_PORT"];
strBaseURL = strBaseURL + Request.ServerVariables["URL"];
"Pooja Renukdas" <poojar@metasyssoftware.com> wrote in message
news:u0vlrn2TDHA.2188@TK2MSFTNGP11.phx.gbl...> Hello,
>
> I have this web site where only two pages have to be secure pages and
> I need to call them using https, but since I have my development
> server and my production web server, I dont want to enter the absolute
> url like
> response.redirect("https://myProductionServer.com/SecurePage.aspx"),
> because when Im working in the development server I would have to
> change it back and forth everytime. Is there an easy way to do this
> without having to put the absolute address. And also, when Im finished
> with the secure pages, how do I go back to non-secure? just entering
> the address again just as http:// ? and again, how do I do it without
> using the whole URL. Cause in that case I would have to specify the
> absolute URL everywhere the users can click and go to another page,
> cause if they are in a secure session, and they move to another page
> without specifiying if it's https or just http, I think it would keep
> the https no matter what kind of page it is, unless I specify
> everywhere when it has to be https or http. I hope I make sense here.
>
> Thanks a lot.
>
>
Sanjay Poojari Guest
-
Matt Sollars #4 Re: Redirect to a secure page using HTTPS without an absolute URL
Pooja,
There are a few ways to accomplish your task. I'll list a couple.
1.) You could add a few lines of code to your Global.asax file for the
Application_BeginRequest event handler. This handler would simply check the
current page request, via Request.Path.EndsWith("/PageName.aspx"), for
either of the two pages you need to be secure. Once it's determined if the
page requested needs to be secure, check Request.IsSecureConnection to see
if the request was already made via HTTPS. If not, redirect to
Request.Path.Replace("http://", "https://"). If the requested page is not
one of those two pages yet Request.IsSecureConnection returns True, then
redirect to Request.Path.Replace("https://", "http://") to undo the secure
connection.
2.) Another alternative is to create an HttpModule that you can install with
each project, or for the entire server via machine.config, that reads a
custom configuration section from your web.config file for the pages and
directories that need to be secured and any pages and directories that
should be ignored (i.e. requests that should remain in the protocal they
were requested). This class would read those pages into a searchable
collection and test for a match with the current requested page from the
BeginRequest event once again. A decision to redirect is made there.
Have fun,
Matt
"Pooja Renukdas" <poojar@metasyssoftware.com> wrote in message
news:u0vlrn2TDHA.2188@TK2MSFTNGP11.phx.gbl...
Hello,
I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.
Thanks a lot.
Matt Sollars Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
