Hello,
I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redire ct("https://myProductionSer ver.com/SecurePage.aspx "),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.
Thanks a lot. 3 14047
Hi
you can use
response.redire ct(Request.Appl icationPath + "/Homepage.aspx") ;
rajeev
"Pooja Renukdas" <po****@metasys software.com> wrote in message news:u0******** ******@TK2MSFTN GP11.phx.gbl... Hello, I have this web site where only two pages have to be secure pages and I need to call them using https, but since I have my development server and my production web server, I dont want to enter the absolute url like response.redire ct("https://myProductionSer ver.com/SecurePage.aspx "), because when Im working in the development server I would have to change it back and forth everytime. Is there an easy way to do this without having to put the absolute address. And also, when Im finished with the secure pages, how do I go back to non-secure? just entering the address again just as http:// ? and again, how do I do it without using the whole URL. Cause in that case I would have to specify the absolute URL everywhere the users can click and go to another page, cause if they are in a secure session, and they move to another page without specifiying if it's https or just http, I think it would keep the https no matter what kind of page it is, unless I specify everywhere when it has to be https or http. I hope I make sense here. Thanks a lot.
You can do the following. Obviously, you'll have to change the code a bit
to suit what you want, but i guess you can derive it from this...
if(Request.Serv erVariables["HTTPS"].ToLower() == "off")
{
strBaseURL = "http://";
}
else
{
strBaseURL = "https://";
}
strBaseURL = strBaseURL + Request.ServerV ariables["SERVER_NAM E"] + ":";
strBaseURL = strBaseURL + Request.ServerV ariables["SERVER_POR T"];
strBaseURL = strBaseURL + Request.ServerV ariables["URL"];
"Pooja Renukdas" <po****@metasys software.com> wrote in message
news:u0******** ******@TK2MSFTN GP11.phx.gbl... Hello,
I have this web site where only two pages have to be secure pages and I need to call them using https, but since I have my development server and my production web server, I dont want to enter the absolute url like response.redire ct("https://myProductionSer ver.com/SecurePage.aspx "), because when Im working in the development server I would have to change it back and forth everytime. Is there an easy way to do this without having to put the absolute address. And also, when Im finished with the secure pages, how do I go back to non-secure? just entering the address again just as http:// ? and again, how do I do it without using the whole URL. Cause in that case I would have to specify the absolute URL everywhere the users can click and go to another page, cause if they are in a secure session, and they move to another page without specifiying if it's https or just http, I think it would keep the https no matter what kind of page it is, unless I specify everywhere when it has to be https or http. I hope I make sense here.
Thanks a lot.
Pooja,
There are a few ways to accomplish your task. I'll list a couple.
1.) You could add a few lines of code to your Global.asax file for the
Application_Beg inRequest event handler. This handler would simply check the
current page request, via Request.Path.En dsWith("/PageName.aspx") , for
either of the two pages you need to be secure. Once it's determined if the
page requested needs to be secure, check Request.IsSecur eConnection to see
if the request was already made via HTTPS. If not, redirect to
Request.Path.Re place("http://", "https://"). If the requested page is not
one of those two pages yet Request.IsSecur eConnection returns True, then
redirect to Request.Path.Re place("https://", "http://") to undo the secure
connection.
2.) Another alternative is to create an HttpModule that you can install with
each project, or for the entire server via machine.config, that reads a
custom configuration section from your web.config file for the pages and
directories that need to be secured and any pages and directories that
should be ignored (i.e. requests that should remain in the protocal they
were requested). This class would read those pages into a searchable
collection and test for a match with the current requested page from the
BeginRequest event once again. A decision to redirect is made there.
Have fun,
Matt
"Pooja Renukdas" <po****@metasys software.com> wrote in message
news:u0******** ******@TK2MSFTN GP11.phx.gbl...
Hello,
I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redire ct("https://myProductionSer ver.com/SecurePage.aspx "),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.
Thanks a lot. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Brian Henry |
last post by:
I created a project and it looks like everything is loading under HTTPS on
all the pages perfectly except one page that it loads saying that the page
contains both secure and non secure items... how would i check to see which
items are loading that are insecure on IIS? the page is writen in ASP.NET, I
know exactly which control is doing it (a custom writen one) but i cant seem
to figure out what in the control is doing it... is there logs...
|
by: Andre Ranieri |
last post by:
I have a quick question - I'd just like to have confirmation to be sure.
I'm building an ASP.NET corporate site for my employer, some of the pages
have e-commerce capability and will need to be SSL-encrypted. Thus, I assume
I'll need to use absolute links to specifiy the https protocol (correct me if
I'm wrong on that)
Does ASP.NET handle an absolute link any different than a relative one?
Will I have any problems maintaining session...
|
by: Dabbler |
last post by:
I'm sending users to a secure page https to fill out a registration form.
When they're done I show a thank you page. I need to return the user to http
mode after filling out the form.
If I use response.redirect I get a security warning when transitioning from
https to http. Is there an accepted way to avoid having the user see this?
Thanks.
|
by: Sergej Prokoviev |
last post by:
We are running our site at www.waynesavings.com on secure hosting
(Server 2003, IIS). We are using a custom 403.4 error page (called
403_4.asp, located under root) to redirect all users to https if they
come in on http. The site is also using an instant refresh on the
index.htm page under root to www.waynesavings.com/aboutus/home.htm due
to issues with the javascript menus used on the site.
The code we're using on the custom 403 page is...
|
by: amitvps |
last post by:
Secure Socket Layer is very important and useful for any web application but it brings some problems too with itself. Handling navigation between secure and non-secure pages is one of the cumbersome jobs.
When a non-secure page references a secure page with relative URL, the web server generates error until absolute URL with https prefix is used. On the other hand when a secure page references a non-secure page, the non-secure page will be...
| |
by: =?Utf-8?B?YzY3NjIyOA==?= |
last post by:
Hi all,
I am trying to set this up using asp code and IIS configuration. But it
seems not working. Here it is the way I am doing.
In IIS I set up a virtual directory with secure communication, I checked
require secure channel, require 128-bit encryption. In custom error, instead
of using default message
HTTP 403.4 - Forbidden: SSL required
Internet Information Services
in iishelp 403.4htm, I am trying to do redirect automatically.
so I...
|
by: kmithu |
last post by:
I have a web site where I want to make the pages secures.ie. I want to redirect my pages to https.I have tried this doing so by making a self signed certificate and using response.redirect("https://myWebsite/SecuredPage.aspx") and it ran out well.
But my problem is that I want to do this through the web.config file so that even if i want to secure full site or any particular page, I am able to do so at any time.
Using the concept of switch...
|
by: RuthC |
last post by:
Hi, In my website there is a facility for user to create there own pages
we are maintaing this url as
www.mywebsite.com/mypage/user created page name
ex : www.mywebsite.com/mypage/ruth
user created page name can contain alphanumeric charecters including '_' (no white space)
I am using this code to redirect the user created pages
RewriteRule ^mypage/(.*)/ mypage.php?u=$1
|
by: Raven |
last post by:
Hi,
I have a problem with a server side redirect from a secure page to a
non-secure page (same domain name, same folder)
I have added some test code that can display the target URL and that
containt http:// and yet it redirects to https://
example:
I am on
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |