473,287 Members | 1,501 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,287 software developers and data experts.

Redirect to a secure page using HTTPS without an absolute URL

Hello,

I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.

Thanks a lot.
Nov 17 '05 #1
3 14005
Hi

you can use

response.redirect(Request.ApplicationPath + "/Homepage.aspx");

rajeev
"Pooja Renukdas" <po****@metasyssoftware.com> wrote in message news:u0**************@TK2MSFTNGP11.phx.gbl...
Hello,

I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.

Thanks a lot.

Nov 17 '05 #2
You can do the following. Obviously, you'll have to change the code a bit
to suit what you want, but i guess you can derive it from this...
if(Request.ServerVariables["HTTPS"].ToLower() == "off")
{
strBaseURL = "http://";
}
else
{
strBaseURL = "https://";
}
strBaseURL = strBaseURL + Request.ServerVariables["SERVER_NAME"] + ":";
strBaseURL = strBaseURL + Request.ServerVariables["SERVER_PORT"];
strBaseURL = strBaseURL + Request.ServerVariables["URL"];
"Pooja Renukdas" <po****@metasyssoftware.com> wrote in message
news:u0**************@TK2MSFTNGP11.phx.gbl...
Hello,

I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.

Thanks a lot.

Nov 17 '05 #3
Pooja,

There are a few ways to accomplish your task. I'll list a couple.

1.) You could add a few lines of code to your Global.asax file for the
Application_BeginRequest event handler. This handler would simply check the
current page request, via Request.Path.EndsWith("/PageName.aspx"), for
either of the two pages you need to be secure. Once it's determined if the
page requested needs to be secure, check Request.IsSecureConnection to see
if the request was already made via HTTPS. If not, redirect to
Request.Path.Replace("http://", "https://"). If the requested page is not
one of those two pages yet Request.IsSecureConnection returns True, then
redirect to Request.Path.Replace("https://", "http://") to undo the secure
connection.

2.) Another alternative is to create an HttpModule that you can install with
each project, or for the entire server via machine.config, that reads a
custom configuration section from your web.config file for the pages and
directories that need to be secured and any pages and directories that
should be ignored (i.e. requests that should remain in the protocal they
were requested). This class would read those pages into a searchable
collection and test for a match with the current requested page from the
BeginRequest event once again. A decision to redirect is made there.

Have fun,
Matt

"Pooja Renukdas" <po****@metasyssoftware.com> wrote in message
news:u0**************@TK2MSFTNGP11.phx.gbl...
Hello,

I have this web site where only two pages have to be secure pages and
I need to call them using https, but since I have my development
server and my production web server, I dont want to enter the absolute
url like
response.redirect("https://myProductionServer.com/SecurePage.aspx"),
because when Im working in the development server I would have to
change it back and forth everytime. Is there an easy way to do this
without having to put the absolute address. And also, when Im finished
with the secure pages, how do I go back to non-secure? just entering
the address again just as http:// ? and again, how do I do it without
using the whole URL. Cause in that case I would have to specify the
absolute URL everywhere the users can click and go to another page,
cause if they are in a secure session, and they move to another page
without specifiying if it's https or just http, I think it would keep
the https no matter what kind of page it is, unless I specify
everywhere when it has to be https or http. I hope I make sense here.

Thanks a lot.
Nov 17 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: Brian Henry | last post by:
I created a project and it looks like everything is loading under HTTPS on all the pages perfectly except one page that it loads saying that the page contains both secure and non secure items......
1
by: Andre Ranieri | last post by:
I have a quick question - I'd just like to have confirmation to be sure. I'm building an ASP.NET corporate site for my employer, some of the pages have e-commerce capability and will need to be...
5
by: Dabbler | last post by:
I'm sending users to a secure page https to fill out a registration form. When they're done I show a thank you page. I need to return the user to http mode after filling out the form. If I use...
2
by: Sergej Prokoviev | last post by:
We are running our site at www.waynesavings.com on secure hosting (Server 2003, IIS). We are using a custom 403.4 error page (called 403_4.asp, located under root) to redirect all users to https if...
0
by: amitvps | last post by:
Secure Socket Layer is very important and useful for any web application but it brings some problems too with itself. Handling navigation between secure and non-secure pages is one of the cumbersome...
7
by: =?Utf-8?B?YzY3NjIyOA==?= | last post by:
Hi all, I am trying to set this up using asp code and IIS configuration. But it seems not working. Here it is the way I am doing. In IIS I set up a virtual directory with secure communication, I...
1
by: kmithu | last post by:
I have a web site where I want to make the pages secures.ie. I want to redirect my pages to https.I have tried this doing so by making a self signed certificate and using...
2
by: RuthC | last post by:
Hi, In my website there is a facility for user to create there own pages we are maintaing this url as www.mywebsite.com/mypage/user created page name ex : www.mywebsite.com/mypage/ruth user...
0
by: Raven | last post by:
Hi, I have a problem with a server side redirect from a secure page to a non-secure page (same domain name, same folder) I have added some test code that can display the target URL and that...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: marcoviolo | last post by:
Dear all, I would like to implement on my worksheet an vlookup dynamic , that consider a change of pivot excel via win32com, from an external excel (without open it) and save the new file into a...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.