确保页面只能通过SSL访问 [英] Ensure page is only accessed via SSL

问题描述

如何确保我的用户不能实际输入HTTP：绕过我的SSL，并确保每一页为https：

How do I ensure that my users can not physically type in http: to bypass my SSL and ensure that every page is https:?

可能是我的母版页上的重定向？

Possibly a redirect on my master page?

推荐答案

这一般会被通过IIS配置或ISAPI筛选器处理，但如果你想这样做在应用code，你可以把东西像这样在你的母版页的Page_Init事件......

This would generally be handled via IIS configuration or with an ISAPI filter, but if you want to do it in the application code, you could put something like this in the Page_Init event of your master page...

If Not Request.IsSecure
    Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"))
End If

这篇关于确保页面只能通过SSL访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！