Monday, August 20, 2007

How to force a page to use SSL (HTTPS)

The following sample code will force pages to use SSL (https) with ASP.NET 2.0:




//this is the current url 
System.Uri currentUrl = System.Web.HttpContext.Current.Request.Url;
//don't redirect if this is localhost
if (!currentUrl.IsLoopback)
{
    if (!currentUrl.Scheme.Equals(Uri.UriSchemeHttps, StringComparison.CurrentCultureIgnoreCase))
    {
        //build the secure uri
        System.UriBuilder secureUrlBuilder = new UriBuilder(currentUrl);
        secureUrlBuilder.Scheme = Uri.UriSchemeHttps;
        //use the default port. 
        secureUrlBuilder.Port = -1;
        //redirect and end the response.
        System.Web.HttpContext.Current.Response.Redirect(secureUrlBuilder.Uri.ToString());
    }
}


Hope it helps.
http://www.ikosoftware.com/
Posted by at
Labels:

2 comments:

Vaibhav Kamath said...

This is an awesome code. I was searching for "how to force SSL with ASP.NET" and found links that required changes to IIS. This code is simple and elegant.

Thank you for sharing,
Vaibhav

March 26, 2008 at 3:34 PM
Anonymous said...

You write very well.

November 10, 2008 at 12:32 PM

Post a Comment

Subscribe to: Post Comments (Atom)