How do I make my ASP.NET application serve pages only over HTTPS?
I want my application to serve all of its web pages over SSL, so I added the lines...
<secu开发者_高级运维reWebPages enabled="true">
<directory path="." />
</secureWebPages>
... to my Web.config and the resulting compiler error is:
Build (web): Unrecognized configuration section secureWebPages.
I am running Visual Studio 2008
Sounds like you might need to add the appropriate configSections
...
<configuration>
<configSections>
<!-- modify as you need. -->
<section
name="secureWebPages"
type="Hyper.Web.Security.SecureWebPageSectionHandler,
WebPageSecurity"
allowLocation="false" />
</configSections>
<secureWebPages mode="On" >
<directories>
<add path="/" recurse="True" />
</directories>
</secureWebPages>
If you want a simple, quick solution to work for your entire web application, you could add this to the Application_BeginRequest
method in your Global.asax
file.
Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs)
...
If Request.IsSecureConnection = False Then
Dim ub As New UriBuilder(Request.Url)
ub.Scheme = Uri.UriSchemeHttps
ub.Port = 443
Response.Redirect(ub.Uri.ToString, True)
End If
...
End Sub
精彩评论