stackoom
  简体   繁体   中英

How to exclude path from HTTPS-redirection in ASP.NET Core?

 原文  2020-12-20 01:06:05       c#/ asp.net-core/ redirect/ iis/ https-redirect

Question

I'm having a problem: I have ASP.NET Core listening to HTTPS on port 44322, and to HTTP on port 51851.

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:51851",
      "sslPort": 44322
    }
  },

Now I want to add HTTPS-redirection, but only for everything except:

http://localhost:51851/.well-known/acme-challenge/*

eg http://localhost:51851/.well-known/acme-challenge/token.txt should not be redirected to HTTPS. From what I can google, this should go like this:

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;


namespace TestApplicationHttps
{


    public class Startup
    {

        public IConfiguration Configuration { get; }


        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }


        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddHttpsRedirection(options =>
            {
                if(System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows))
                    // options.HttpsPort = 443;
                    options.HttpsPort = 44322;
                else 
                    options.HttpsPort = 5005;
            });
            

            services.AddRazorPages();
        } // End Sub ConfigureServices 


        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            app.UseForwardedHeaders(new ForwardedHeadersOptions
            {
                ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor 
                    | Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedProto
            });

            
            
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }


            // app.UseHttpsRedirection();

            app.MapWhen(
                delegate(Microsoft.AspNetCore.Http.HttpContext httpContext)
                {
                    // http://localhost:51851/.well-known/acme-challenge/token.txt
                    // http://localhost:51851/Privacy
                    bool b = !httpContext.Request.Path.StartsWithSegments("/.well-known/acme-challenge/");
                    return b;
                }
                ,
                delegate (IApplicationBuilder appBuilder)
                {
                    appBuilder.UseHttpsRedirection();
                }
            );

            app.UseStaticFiles();
            app.UseRouting();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapRazorPages();
            });

        } // End Sub Configure 


    } // End Class Startup 


} // End Namespace TestApplicationHttps

But if I do it like this, I get:

No webpage was found for the web address: https://localhost:44322/
HTTP ERROR 404

On the other hand, if I change it to

bool b = httpContext.Request.Path.StartsWithSegments("/.well-known/acme-challenge/");

such as

app.MapWhen(
    delegate(Microsoft.AspNetCore.Http.HttpContext httpContext)
    {
        // http://localhost:51851/.well-known/acme-challenge/token.txt
        // http://localhost:51851/Privacy
        bool b = httpContext.Request.Path.StartsWithSegments("/.well-known/acme-challenge/");
        return b;
    }
    ,
    delegate (IApplicationBuilder appBuilder)
    {
        // appBuilder.UseHttpsRedirection();
        appBuilder.UseStaticFiles();
        appBuilder.UseRouting();
        appBuilder.UseAuthorization();

        appBuilder.UseEndpoints(endpoints =>
        {
            endpoints.MapRazorPages();
        });
    }
);


app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthorization();

app.UseEndpoints(endpoints =>
{
    endpoints.MapRazorPages();
});

then it just keeps redirecting http to https everywhere...

How can I exclude that path from HTTPS-redirection?

1 answers

solution1
 1 ACCPTED  2020-12-20 01:48:01

Ah, never mind.
There were 2 issues:

  • First: MapWhen will terminate the pipeline .
    So if you want the pipeline to continue after this, you have to use app. UseWhen instead.
  • Second: The argument to StartsWithSegments may not end with /, so it's
    StartsWithSegments("/.well-known/acme-challenge");

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.NET Core 2.1 no HTTP/HTTPS redirection in App Engine How to exclude a specific path in ASP.NET Core 5 so that the request is processed by ASP.NET and not by the static files? Detect URL redirection + ASP.NET Core asp.net core exclude files from the build Exclude specific controller from logging in asp.net core ASP.NET Core on .NET 4.6 - how to do https Exclude folder in ASP.NET Core 2 How do I exclude project dependencies in ASP.NET Core? How can I exclude a controller from ASP.NET Core 3 Attribute Routing How do I test an https redirect in ASP.NET Core?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM