The easiest way to force HTTPS during Page_Init

Question

The easiest way to force HTTPS during Page_Init

On very few pages of my site, I want to make sure that they can only be accessed via HTTPS connections. What is the best way to accomplish this. All the examples that I see seem to be trying to do this for the entire site.

I was hoping to find a way to do this on Page_Init or Page_Preload .

And redirect to the https version

+4

security c # asp.net https httpcontext

jackncoke Mar 29 '13 at 0:04

source share

2 answers

I would recommend you use HTTP Strict Transport Security.

For more information, please see here:

https://www.owasp.org/index.php/HTTP_Strict_Transport_Security

Any questions, just let me know.

Thanks Fabio @fcerullo

0

fcerullo Mar 29 '13 at 19:27

source share

Grant Thomas · Accepted Answer · 2013-03-29T00:09:40+0000

You can access the IsSecureConnection property of the request and redirect:

 if (!Request.IsSecureConnection) { Response.Redirect(...); }

You may have links to the pages you want to redirect to, or you can build https Uri from parts of Request.Url , etc., but there you can check.

The easiest way to force HTTPS during Page_Init

More articles: