在.NET MVC 2中,您可以应用< RequireHttps()> 属性来使方法受SSL保护。
In .NET MVC 2 you can apply the <RequireHttps()> attribute to make a method be secured by SSL.
<RequireHttps()> Function Index() As ActionResult Return View() End Function假设您的SSL证书是针对mysite发布的。如果用户通过输入 www.mysite ,< RequireHttps()> 将它们重定向到 www.mysite ,这将使浏览器显示无效的证书警告。
Let's say that your SSL certificate is issued for mysite. If the user visits your site by entering www.mysite, <RequireHttps()> will redirect them to www.mysite, which would make the browser display an invalid certificate warning.
切断www的最佳方法是什么?使用< RequireHttps()> 时的前缀?
What is the best way to chop off the www. prefix when using <RequireHttps()> ?
推荐答案我在IIS 7上,可以访问URL Rewrite模块 learn.iis/page.aspx/460/using-the-url-rewrite-module/ 。
I'm on IIS 7 and have access to the URL Rewrite module learn.iis/page.aspx/460/using-the-url-rewrite-module/.
我解决了这个问题将它放在MVC 2应用程序的web.config文件中:
I solved this by putting this in the web.config file of the MVC 2 application:
<configuration> ... <system.webServer> <rewrite> <rules> <rule name="CanonicalHostNameRuleMain" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAny"> <add input="{HTTP_HOST}" pattern="^mysite\$" negate="true" /> <add input="{HTTPS}" pattern="^off$" /> </conditions> <action type="Redirect" url="mysite/{R:1}" /> </rule> </rules> </rewrite> </system.webServer> </configuration>mysite - > mysite http://www.mysite - > mysite https:// www .mysite - > mysite
mysite -> mysite www.mysite -> mysite www.mysite -> mysite
这是简单而且有效,但是只有一些优雅的MVC解决方案仍然会很好。
This is simple and it works, but it would still be nice to have some sort of elegant MVC only solution.
更多推荐
.NET MVC 2 RequireHttps
发布评论