在整个Angular应用中强制将HTTP重定向到https
[英]Force http to https redirect across entire Angular app
问题描述
I've got an Angular (6) app using .net Web API w/ Windows Authentication. 
我有一个使用.net Web API和Windows身份验证的Angular (6)应用程序。 Both are deployed to the same development web server, which has a valid SSL Certificate. 两者都部署到具有有效SSL证书的同一开发Web服务器上。
I'm trying to force an http to https redirect on all my pages. 我试图在所有页面上强制将http to https重定向http to https 。 I've got the Web API side handled - all the /api paths to redirect to https via Kudvenkat's simple tutorial: http://csharp-video-tutorials.blogspot.com/2016/09/aspnet-web-api-enable-https.html 我已经处理了Web API一面-所有/api路径都可以通过Kudvenkat的简单教程重定向到https : http ://csharp-video-tutorials.blogspot.com/2016/09/aspnet-web-api-enable- https.html
Create a RequireHttpsAttribute.cs class: 创建一个RequireHttpsAttribute.cs类:
using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
namespace api
{
public class RequireHttpsAttribute : AuthorizationFilterAttribute
{
public override void OnAuthorization(HttpActionContext actionContext)
{
if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
{
actionContext.Response = actionContext.Request
.CreateResponse(HttpStatusCode.Found);
actionContext.Response.Content = new StringContent
("<p>Use https instead of http</p>", Encoding.UTF8, "text/html");
UriBuilder uriBuilder = new UriBuilder(actionContext.Request.RequestUri);
uriBuilder.Scheme = Uri.UriSchemeHttps;
uriBuilder.Port = 443;
actionContext.Response.Headers.Location = uriBuilder.Uri;
}
else
{
base.OnAuthorization(actionContext);
}
}
}
}
WebApiConfig.cs: WebApiConfig.cs:
public static void Register(HttpConfiguration config)
{
config.Filters.Add(new RequireHttpsAttribute());
}
But as far as Angular routes (routes that don't look like https://myurl.com/api , but instead look like https://myurl.com/index.html# ), I can't get these to redirect to https . 但据角路线(路线不样子https://myurl.com/api ,而是像https://myurl.com/index.html# ),我不能让这些重定向到https 。 Is it normal to have to specify http to https redirects both in the Web API code and in the Angular code? 在Web API代码和Angular代码中都必须将http to https重定向http to https重定向是否正常?
If not, perhaps we need to configure our webserver to only use https ? 如果不是,也许我们需要将我们的网络服务器配置为仅使用https ?
1 个解决方案
解决方案1
1 已采纳 2018-08-19 17:54:32
I do it by using a URL rewrite in web.config, like below: 我通过在web.config中使用URL重写来做到这一点,如下所示:
<system.webServer>
<rewrite>
<rules>
<rule name="HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
This should handle both WebApi and MVC/HTML/etc. 这应该处理WebApi和MVC / HTML / etc。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.