asked on How make sure always HTTPS for a page?
I have a payment page for my website. How can I make sure (with VB.NET) that the page is always utilizing the SSL cert (HTTPS)? If they come in with HTTP, should I just redirect to HTTPS? Any code samples would be nice. Thanks.
ASP.NETWeb DevelopmentVisual Basic.NET
Last Comment
RobertNZana
you can use the server variables to look at the referring url to validate if it is using ssl by checking for https. You could redirect them, but is that just for entering the site or for submiting the data? if they submit to http, it is already to late to redirect as the data is already there.
ASKER
So on the page_load check if the "https" is there and if not do a redirect to the same page but append "https" to the front?
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
After some research I wrote the below code. It seems to work well. See any holes with it?
If Not Request.IsSecureConnection Or Request.Url.ToString.Contains("https://") Then
' redirect to https
Dim strNewUrl As String
strNewUrl = Request.Url.ToString.Replace("http://", "https://")
Response.Redirect(strNewUrl)
End If
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
where to put those code...please tell me...
ASKER
form_load of a page, such as checkhttps.aspx