2
I am trying to force SSL use of my MVC WEB application.
I’ve tried with redirect on the global wing, but it goes into too_many_redirects lopping.
protected void Application_BeginRequest(Object source, EventArgs e)
{
if (!Context.Request.IsSecureConnection)
{
Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"));
}
}
How can I force without falling into the problem of redirect?
I imagine you noticed that the too_many_redirects looping indicates that the redirect is being done even when it is already in https, it would be the case to see if Context.Request.Issecureconnection has no side effect preventing detection.
– Bacco
Test with this instead of Context.Request.Issecureconnection, just to get the web off: Httpcontext.Current.Request.url.Absoluteuri.Contains("https://")
– Bacco
Is the test being done on a normal remote server, or do you have any load Balancer, proxy, Cloudflare or something like that? If you have some intermediation, sometimes HTTPS does not reach the final layer.
– Bacco
Normal remote server, already tried Context.Request.Issecureconnection and the same occurs, use Cloudflare yes
– RBoschini