I needed some code to automatically redirect a user from http to https. My friend Kamil came to the rescue and forwarded me a link to this code component:
Matt Sollars - Web Page Security
Of course you could just have a response redirect on default.aspx but I wanted something a lot more elegant and this did exactly that.
Although the whole of my site had to be secure, it was pretty clear here how to restrict https to certain directories or files with relative ease using web.config.
The code extends the IHttpModule and therefore can be easily configured to work for all files and removes the necessity to embed code into all pages.
No comments:
Post a Comment