Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# ASP.NET
Pls some one tell that how to change url in browser from http://Login.aspx tp https://Login.aspx
I want to secure my page from this functionality, pls some one tell that how do this in asp.net c#
Posted 12-Sep-11 8:26am
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

a little research on this forum leads to:
Automatically Switch from HTTP to HTTPS[^]
  Permalink  
Comments
Uday P.Singh at 12-Sep-11 15:10pm
   
nice link my 5!
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

In your Global.asax file
 
protected void Application_BeginRequest(object sender, EventArgs e)
      {
          string path = HttpContext.Current.Request.Url.AbsolutePath;
 
          if (HttpContext.Current.Request.ServerVariables["HTTPS"] == "on")
          {
              if (SecurePath.IsSecure(path))
              {
                  //do nothing
              }
              else
              {
                  HttpContext.Current.Response.Redirect(HttpContext.Current.Request.Url.AbsoluteUri.Replace("https://", "http://"));
                  return;
              }
          }
 
          if (HttpContext.Current.Request.ServerVariables["HTTPS"] != "on")
          {
              if (SecurePath.IsSecure(path))
              {
                  //Redirect to https version
                  HttpContext.Current.Response.Redirect(HttpContext.Current.Request.Url.AbsoluteUri.Replace("http://", "https://"));
              }
          }
 

      }
 
Here is the definition for SecurePath Class
 
 
#region "SecurePath Class"
public class SecurePath
{
 
    public static bool IsSecure(string path)
    {
        List<securepage> lstPages = new List<securepage>();
 
        bool isSecure = false;
 
        try
        {
            //Fill the list of pages defined in web.config
            NameValueCollection sectionPages = (NameValueCollection)ConfigurationManager.GetSection("SecurePages");
 
            foreach (string key in sectionPages)
            {
                if ((!string.IsNullOrEmpty(key)) && (!string.IsNullOrEmpty(sectionPages.Get(key))))
                {
                    lstPages.Add(new SecurePage { PathType = sectionPages.Get(key), Path = key });
                }
            }
 
            //loop through the list to match the path with the value in the list item
            foreach (SecurePage page in lstPages)
            {
                switch (page.PathType.ToLower().Trim())
                {
                    case "directory":
                        if (path.Contains(page.Path))
                        {
                            isSecure = true;
                        }
                        break;
                    case "page":
                        if (path.ToLower().Trim() == page.Path.ToLower().Trim())
                        {
                            isSecure = true;
                        }
                        break;
                    default:
                        isSecure = false;
                        break;
                }
            }
        }
        catch (Exception ex)
        {
            throw new Exception(ex.Message);
        }
 
        return isSecure;
    }
}
#endregion
</securepage></securepage>
 
Definition for securePage class
 
#region "SecurePage Class"
   public class SecurePage
   {
       string _path = "";
       string _pathType = "";
 
       public string Path
       {
           get { return this._path; }
           set { this._path = value; }
       }
 
       public string PathType
       {
           get { return this._pathType; }
           set { this._pathType = value; }
       }
   }
   #endregion
 
And in your web.config file add SecurePages section
 
<SecurePages>
 
     <add key="/Login.aspx" value="page" />
 
   <add key="/WebResource.axd" value="page"/>
   <add key="/ScriptResource.axd" value="page"/>
     
 </SecurePages>
 
P.S. :- I found this solution from someone on CP and used in my project. It works perfectly. Credit goes to the developer who implemented it.
  Permalink  
Comments
ravendarksky at 15-Aug-13 3:51am
   
Hi there,
 
Not sure anyone will see this but please DON'T just copy and paste this code. It's sloppy and can result in redirect loops. It also results in mixed HTTPS/HTTP pages being sent due to not handling AJAX stuff. (unsecure .axd files sent with a secure https page)
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 4

To secure your application you need to install SSL certificate in server
If you are using IIS in your PC
You have to create Self- SSL certificate and configure it in IIS.
Follow the link
How to Create SSL Secure Server (HTTPS) in Local IIS?[^]
 
If you are hosting it in internet. You have to buy SSL certificates from different providers.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web01 | 2.8.150305.1 | Last Updated 15 Aug 2013
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100