[英]Force http to https redirect across entire Angular app
I've got an Angular (6)
app using .net Web API
w/ Windows Authentication. 我有一个使用
.net Web API
和Windows身份验证的Angular (6)
应用程序。 Both are deployed to the same development web server, which has a valid SSL Certificate. 两者都部署到具有有效SSL证书的同一开发Web服务器上。
I'm trying to force an http to https
redirect on all my pages. 我试图在所有页面上强制将
http to https
重定向http to https
。 I've got the Web API
side handled - all the /api
paths to redirect to https
via Kudvenkat's simple tutorial: http://csharp-video-tutorials.blogspot.com/2016/09/aspnet-web-api-enable-https.html 我已经处理了
Web API
一面-所有/api
路径都可以通过Kudvenkat的简单教程重定向到https
: http ://csharp-video-tutorials.blogspot.com/2016/09/aspnet-web-api-enable- https.html
Create a RequireHttpsAttribute.cs class: 创建一个RequireHttpsAttribute.cs类:
using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
namespace api
{
public class RequireHttpsAttribute : AuthorizationFilterAttribute
{
public override void OnAuthorization(HttpActionContext actionContext)
{
if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
{
actionContext.Response = actionContext.Request
.CreateResponse(HttpStatusCode.Found);
actionContext.Response.Content = new StringContent
("<p>Use https instead of http</p>", Encoding.UTF8, "text/html");
UriBuilder uriBuilder = new UriBuilder(actionContext.Request.RequestUri);
uriBuilder.Scheme = Uri.UriSchemeHttps;
uriBuilder.Port = 443;
actionContext.Response.Headers.Location = uriBuilder.Uri;
}
else
{
base.OnAuthorization(actionContext);
}
}
}
}
WebApiConfig.cs: WebApiConfig.cs:
public static void Register(HttpConfiguration config)
{
config.Filters.Add(new RequireHttpsAttribute());
}
But as far as Angular routes (routes that don't look like https://myurl.com/api
, but instead look like https://myurl.com/index.html#
), I can't get these to redirect to https
. 但据角路线(路线不样子
https://myurl.com/api
,而是像https://myurl.com/index.html#
),我不能让这些重定向到https
。 Is it normal to have to specify http to https
redirects both in the Web API
code and in the Angular
code? 在
Web API
代码和Angular
代码中都必须将http to https
重定向http to https
重定向是否正常?
If not, perhaps we need to configure our webserver to only use https
? 如果不是,也许我们需要将我们的网络服务器配置为仅使用
https
?
I do it by using a URL rewrite in web.config, like below: 我通过在web.config中使用URL重写来做到这一点,如下所示:
<system.webServer>
<rewrite>
<rules>
<rule name="HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
This should handle both WebApi and MVC/HTML/etc. 这应该处理WebApi和MVC / HTML / etc。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.