Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if (request.RequestUri.Scheme != Uri.UriSchemeHttps)
- {
- // Forbidden (or do a redirect)...
- }
- public class RequireHttpsAttribute : ActionFilterAttribute
- {
- public override void OnActionExecuting(HttpActionContext actionContext)
- {
- if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
- {
- actionContext.Response = new HttpResponseMessage(HttpStatusCode.Forbidden);
- }
- }
- }
- using System;
- using System.Net.Http;
- using System.Web.Http.Controllers;
- using System.Web.Http.Filters;
- ...
- public class RequireHttpsAttribute : AuthorizationFilterAttribute
- {
- public override void OnAuthorization(HttpActionContext actionContext)
- {
- if (actionContext == null)
- {
- throw new ArgumentNullException("actionContext");
- }
- if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
- {
- HandleNonHttpsRequest(actionContext);
- }
- else
- {
- base.OnAuthorization(actionContext);
- }
- }
- protected virtual void HandleNonHttpsRequest(HttpActionContext actionContext)
- {
- actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
- actionContext.Response.ReasonPhrase = "SSL Required";
- }
- }
- string _HtmlBody = string.Empty;
- UriBuilder httpsNewUri;
- var _Request = actionContext.Request;
- if (_Request.RequestUri.Scheme != Uri.UriSchemeHttps )
- {
- _HtmlBody = "<p>Https is required</p>";
- if (_Request.Method.Method == "GET"){
- actionContext.Response = _Request.CreateResponse(HttpStatusCode.Found);
- actionContext.Response.Content = new StringContent(_HtmlBody, Encoding.UTF8, "text/html");
- httpsNewUri = new UriBuilder(_Request.RequestUri);
- httpsNewUri.Scheme = Uri.UriSchemeHttps;
- httpsNewUri.Port = 443;
- //To ask a web browser to load a different web page with the same URI but different scheme and port
- actionContext.Response.Headers.Location = httpsNewUri.Uri;
- }else{
- actionContext.Response = _Request.CreateResponse(HttpStatusCode.NotFound);
- actionContext.Response.Content = new StringContent(_HtmlBody, Encoding.UTF8, "text/html");
- }
- }
- public class RequireHttpsAttribute: AuthorizationFilterAttribute
- {
- public override void OnAuthorization(HttpActionContext actionContext)
- {
- if(actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps){
- // constructing the https url
- UriBuilder uriBuilder = new UriBuilder(actionContext.Request.RequestUri);
- uriBuilder.Scheme = Uri.UriSchemeHttps;
- uriBuilder.Port = 44353 // port used in visual studio for this
- actionContext.Response.Headers.Location = uriBuilder.Uri;
- }
- }
- }
- config.Filter.Add(new RequireHttpsAttribute());
- public class RequireHttpsAttribute : AuthorizationFilterAttribute
- {
- public override void OnAuthorization(HttpActionContext context)
- {
- if (context.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
- {
- context.Response = new HttpResponseMessage(HttpStatusCode.UpgradeRequired);
- context.Response.Headers.Add("Upgrade", "TLS/1.1, HTTP/1.1");
- context.Response.Headers.Add("Connection", "Upgrade");
- context.Response.Headers.Remove("Content-Type");
- context.Response.Headers.Add("Content-Type", "text/html");
- context.Response.Content = new StringContent("<html><head></head><body><h1>Http protocol is not valid for this service call.</h1><h3>Please use the secure protocol https.</h3></body></html>");
- }
- else base.OnAuthorization(context);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement