Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

URL Rewrite

Posted on 2011-02-12
10
Medium Priority
?
607 Views
Last Modified: 2012-05-11
Hi EE,

I need to redirect users in my web.config file if a user tries to enter http://mysite.com/secure which should be https://mysite.com/secure. Is there a way to do this in the web.config file such as URL Rewrite? I don't have access to IIS since I'm on a Shared Hosting Plan so it needs to be done in web.config file.

Thanks in advance!!!
0
Comment
Question by:asp_net2
10 Comments
 
LVL 8

Expert Comment

by:Yiogi
ID: 34880803
You can do it easily in your global.asax. Just add this method, or add the code inside it, if you already have the method specified.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}

Open in new window

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34881008
Hi Yiogi,

Ok, but where do I put the URL that I want to have redirected to https at?
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
ID: 34887365
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Author Comment

by:asp_net2
ID: 34887594
That does not show how to redirect a user who visits http://www.mysite.com to https://www.mysite.com. I need to have the http site redirected to https. Can  you show me how to do this?
0
 
LVL 13

Expert Comment

by:Rahul Agarwal
ID: 34893877
add global.asax file from right click on project in solution explorer->add new items->add global.asax file.

Put this code:

protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34895643
You will not put the url to redirect to anywhere. It will redirect the user to the exact same url he typed in the address but to secure version of the page instead. So if for example user navigated to:

http://www.mysite.com/test/default.aspx?asds=value

he will be redirected to:
https://www.mysite.com/test/default.aspx?asds=value

This is exactly what Request.ServerVariables["HTTP_HOST"] +   HttpContext.Current.Request.RawUrl
will do for you. Replace the url with the one the user originally navigated to. That is the beauty of it.
0
 
LVL 4

Author Comment

by:asp_net2
ID: 34896233
Hi Yiogi,

Not sure where to put the http URL at in the following code that you provided below.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Accepted Solution

by:
Yiogi earned 2000 total points
ID: 34921392
Ok let me try and explain better. You put the code I provided in global.asax file. That will fire when someone tries to access your website.

"if (!HttpContext.Current.Request.IsSecureConnection)" will check if the user is using an SSL connection. If he/she is nothing will happen. If he/she isn't using a secure connection then he will be redirected to:
"https://" +
Request.ServerVariables["HTTP_HOST"] will return the current website domain name. For example www.experts-exchange.com
and then finally we append the remaining of the user request with HttpContext.Current.Request.RawUrl. So for example if I had that code in the experts exchange website (assuming the website was asp.net which it isn't, but let's assume it is for the sake of the example) and visited this page which is:

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

it would automatically redirect me to:
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

The breakdown in the commands above is
https:// = "https://"
www.experts-exchange.com/    = Request.ServerVariables["HTTP_HOST"]
Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233  = HttpContext.Current.Request.RawUrl

Is that clear enough for you?

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34939002
Hi Yiogi,

No, still confused, you are showing the same URL's above. You also mention asp.net as an example but not in the code you provided. All my pages DO NOT require SSL only a certain directory such as "client/secure/index.aspx" so i need to make sure that if someone types in http://mysite.com/client/secure/index.aspx they get redirected to https://mysite.com/client/secure/index.aspx.
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34939462
Ah ok, I apologize I thought you wanted it for all the pages.

The code I have there will redirect the user to SSL for any page in the website if you place it in the global.asax file.

Just place the code below in your index.aspx.cs then. And you are all set.
protected override void OnInit(EventArgs e) {
        base.OnInit(e);
        if (!HttpContext.Current.Request.IsSecureConnection) {
            Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + HttpContext.Current.Request.RawUrl);
        }
    }

Open in new window

0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question