The technique that I had used for years in classic ASP didn't seem to work reliably in ASP.NET, so I switched to this based on articles on various blogs. Request and Response are fully qualified because I had trouble getting System.Web.HttpContext.Current to import in AppCode. Place the function in an AppCode library, import the library on your page, and call ForceSSL() at the top of Page_Load().
- ' Force communication using Secure Socket Layer.
- Public Shared Sub ForceSSL()
- If Not System.Web.HttpContext.Current.Request.IsSecureConnection Then
- ' redirect visitor to SSL connection
- System.Web.HttpContext.Current.Response.Redirect(System.Web.HttpContext.Current.Request.Url.AbsoluteUri.Replace("http://", "https://"))
- End If
- End Sub
You need to login to post a comment.