[英]Why redirections on my site take me to azure.websites.net instead my domain?
I have configured my web app to time out on idle by setting the following in the Startup.auth.cs file: 通过在Startup.auth.cs文件中设置以下内容,我已将Web应用程序配置为在空闲时超时:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
ExpireTimeSpan = TimeSpan.FromHours(1),
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
SlidingExpiration = true,
....
}
My web app is behind a Virtual Network--->Application Gateway. 我的Web应用程序位于虚拟网络->应用程序网关的后面。 The AG forwards the requests to the web app.
AG将请求转发到Web应用程序。 I have also got rules that prevent direct access (ie myapp.azurewebsites.com) to the web app.
我也有阻止直接访问Web应用程序的规则(即myapp.azurewebsites.com)。
Now when the session times out, I get redirected to: 现在,当会话超时时,我将重定向到:
https://myapp.azurewebsites.net/Account/Login?ReturnUrl=%2Fcustomerarea https://myapp.azurewebsites.net/Account/Login?ReturnUrl=%2Fcustomerarea
which is a blue screen with error 403(correct error), instead of my own domain like: 这是一个蓝屏,显示错误403(正确的错误),而不是我自己的域,例如:
https://example.com/Account/Login?ReturnUrl=%2Fcustomerarea https://example.com/Account/Login?ReturnUrl=%2Fcustomerarea
Anyone knows why I would get this behavior? 谁知道我为什么会出现这种情况? thanks.
谢谢。
Edit : more info...it looks like any redirect causes the above problem. 编辑 :更多信息...它看起来像任何重定向导致上述问题。 So if I enter a URL https://example.com/customerarea which requires the user to login, then the redirected URL to the login page, has the azurewebsites.net in its address.
因此,如果我输入要求用户登录的URL https://example.com/customerarea ,则重定向到登录页面的URL在其地址中具有azurewebsites.net。
Any redirects without explicit host portions in the ASP.NET ecosystem will go to the host portion provided by the current HttpContext.Request
. 在ASP.NET生态系统中没有显式主机部分的任何重定向都将转到当前
HttpContext.Request
提供的主机部分。
Your application gateway will make the final request to your application (like a proxy) and addresses it as your .azurewebsites.net domain → meaning your ASP.NET app doesn't know about the original request to the gateway. 您的应用程序网关将向您的应用程序(如代理服务器)发出最终请求,并将其作为您的.azurewebsites.net域寻址→这意味着您的ASP.NET应用程序不知道对网关的原始请求。
What you will need to do is to set the incoming request hostname to the original hostname from the request that went to your Application Gateway. 您需要做的是将传入的请求主机名设置为发送到您的应用程序网关的请求中的原始主机名。
This documentation page (It's ASP.NET Core, but the same principle holds true for asp.net-mvc-5) should allow you to get an insight on how to overwrite your incoming HttpContext.Request hostname to the original. 该文档页面 (它是ASP.NET Core,但对asp.net-mvc-5而言,也是相同的原理)应使您能够深入了解如何将传入的HttpContext.Request主机名覆盖为原始主机名。 There are of course multiple ways.
当然有多种方法。
Both approaches will just require extra middleware to override the current request according to the information gathered by either of these approaches. 两种方法都只需要额外的中间件,即可根据这两种方法中的任何一种收集的信息来覆盖当前请求。
So the above answer is correct. 因此以上答案是正确的。 I am adding more information on how that fixes the problem in an MVC 5 web app.
我将添加有关如何解决MVC 5 Web应用程序中问题的更多信息。 According to Microsoft's Application Gateway FAQ :
根据Microsoft的Application Gateway常见问题解答 :
Application Gateway also inserts X-Original-Host header that contains the original Host header with which the request arrived. Application Gateway还插入X-Original-Host标头,该标头包含请求到达的原始Host标头。 This header is useful in scenarios like Azure Website integration, where the incoming host header is modified before traffic is routed to the backend.
此标头在Azure网站集成等方案中很有用,在该方案中,在将流量路由到后端之前修改传入的主机标头。
So to fix, I added the following code at the top of my Configuration (IAppBuilder app)
method in the start.cs file: 因此,为了解决此问题,我在start.cs文件的
Configuration (IAppBuilder app)
方法的顶部添加了以下代码:
app.Use(async (context, next) =>
{
if (context.Request.Headers.GetValues("X-Original-Host") != null)
{
var originalHost = context.Request.Headers.GetValues("X-Original-Host").FirstOrDefault();
context.Request.Headers.Set("Host", originalHost);
}
await next.Invoke();
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.