In my project, I have an .ashx page which accepts POST requests from outside, and collects a string variable by using this code:
string infoPost = httpRequest["infoPost"].ToString();
This code works perfectly on my local, or an IIS server.
The problem started when I published it to an IIS server which I dont have control over it. Somehow the object was coming empty and I was getting "Object reference not set to an instance of an object." error on this code.
I did a bit of research, and found out that the SecureConnection setting is causing the problem. IIS server converts all "http" requests to "https", but it loses infoPost variable while doing that. I tested this idea by calling this page with "https" directly, and this time the code worked perfectly, and I grabbed the posted string.
But I dont want hardcoded job. I tried to understand if the website set as a secureconnection or not by using this code:
string strSecure = "http://";
if (HttpContext.Current.Request.IsSecureConnection)
strSecure = "https://";
Again, this code worked well on my local, but doesn't work on the IIS I mentioned.
Sorry for the long explanation, here are my questions in simple:
You don't want POSTed values to redirect from http to https, that would be a security hole. The purpose of this feature is to force you to confront whatever it is in the application that is POSTing values in clear-text, because they are being exposed before the redirect ever happens.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.