MVC 中的 [RequireHttps] 不应该做 301 永久重定向吗?为什么它会执行 302(对 SEO 不利?) [英] Shouldn't [RequireHttps] in MVC do a 301 permanent redirect? Why does it do a 302 (bad for SEO?)

问题描述

我在 fiddler 上注意到 [RequireHttps] 执行状态代码 302 重定向而不是 301.我不确定这有什么意义......

I noticed on fiddler that [RequireHttps] does status code 302 redirects instead of 301. I'm not sure how this makes sense...

如果您说的是控制器 [RequireHttps]，那么您永远不会希望人们访问该页面的 Http 版本.那么为什么不是永久重定向...告诉搜索引擎请将您的链接永久更新到此页面的 https 版本".

If you are saying that a controller [RequireHttps], then you never-ever want people to go visit the Http version of that page. So why isn't a permanent redirect... telling the search engines "please update your links permanantly to the https version of this page".

如果这是有道理的，而且我是对的，有没有办法将其更改为 301 重定向?

If this makes sense, and i'm right, is there a way to change it to 301 redirect?

推荐答案

似乎选择 302 而不是 301 似乎有点武断.然而，并不一定意味着每个 URL 都将必须"使用 HTTPS 方案.很可能有一个页面允许从 HTTP 或 HTTPS 访问，即使它可能鼓励后者.可能发生这种情况的实现可能需要连接一些代码，以根据某些特殊标准确定是否使用 HTTPS.

It seems as if the choice to go with 302 over 301 was a little arbitrary to begin with. However, it does not necessarily follow that every URL is going to "have" to utilize the HTTPS scheme. There very well could be a page that allows access from both HTTP or HTTPS even if it may encourage the latter. An implementation where this may occur could have some code wired up to determine whether or not to use HTTPS based on some special criteria.

作为一个案例，看看 Gmail.在设置中，可以在应用程序的大部分区域允许或禁止 HTTPS 协议.那么应该返回哪个代码?301 是不准确的，因为它不是永久性的"……只是在用户的要求下进行了更改.可悲的是，302 也不是很准确，因为 302 错误意味着有意图在将来的某个时间更改链接(相关参考 http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html).

As a case scenario, take a look at Gmail. Within the settings, one is capable of allowing or disallowing the HTTPS protocol throughout large portions of the application. Which code should be returned then? 301 wouldn't be accurate, as it isn't "permanent"...only a change at the behest of the user. Sadly, 302 isn't quite accurate either because a 302 error implies that there is intent to change the link back at some point in the future (related reference http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html).

诚然，Gmail 是一个粗略的例子，因为允许该选项的网站部分通常不会被搜索引擎索引，但这种可能性仍然存在.

Granted, Gmail is a rough example because the portions of the site that allow that option are not typically indexed by a search engine, but the possibility still exists.

为了回答您的最后一个问题，如果您想在 ASP.NET MVC 中使用不同的状态代码(我假设您正在使用小语法示例中的状态代码)，可以使用简单的自定义属性进行更改:

And to answer your final question, if you want a different status code in ASP.NET MVC (which I assume you're using from the small syntax example), it is possible to change with a simple, custom attribute:

public class MyRequireHttpsAttribute : RequireHttpsAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        base.OnAuthorization(filterContext);

        if (!filterContext.HttpContext.Request.IsSecureConnection)
            filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.MovedPermanently;
    }
}

现在，通过 HTTP 协议访问时，所有实现该属性的操作都应返回 301 状态代码.

Now all actions that implement the attribute should return a 301 status code when accessed via the HTTP protocol.

这篇关于MVC 中的 [RequireHttps] 不应该做 301 永久重定向吗?为什么它会执行 302(对 SEO 不利?)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！