[英]Check for SSL when hosted in Rackspace (Mosso) Cloud
我正在使用Request.IsSecureConnection來檢查SSL並在適當的地方重定向。 在Rackspace的雲上運行我的asp.net網站時,服務器在SSL集群后運行,因此IsSecureConnection將始終返回false。 檢查URL是否包含“https://”,始終為false,檢查端口等等也是如此。因此網站陷入了大重定向循環。
是否有其他方法可以檢查SSL並在適當的位置重定向? 有人在Rackspace的雲上實際做過這個嗎?
Public Class SecurityAwarePage
Inherits Page
Private _requireSSL As Boolean = False
Public Property RequireSSL() As Boolean
Get
Return _requireSSL
End Get
Set(ByVal value As Boolean)
_requireSSL = value
End Set
End Property
Private ReadOnly Property IsSecure() As Boolean
Get
Return Request.IsSecureConnection
End Get
End Property
Protected Overrides Sub OnInit(ByVal e As System.EventArgs)
MyBase.OnInit(e)
PushSSL()
End Sub
Private Sub PushSSL()
Const SECURE As String = "https://"
Const UNSECURE As String = "http://"
If RequireSSL AndAlso Not IsSecure Then
Response.Redirect(Request.Url.ToString.Replace(UNSECURE, SECURE))
ElseIf Not RequireSSL AndAlso IsSecure Then
Response.Redirect(Request.Url.ToString.Replace(SECURE, UNSECURE))
End If
End Sub
End Class
雖然很難檢查SSL是否參與解決問題的方法是強制使用SSL。
您可以在web.config中重寫URL:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_CLUSTER_HTTPS}" pattern="^on$" negate="true" />
<add input="{HTTP_CLUSTER-HTTPS}" pattern=".+" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{SCRIPT_NAME}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
您可以在ASP.NET中強制使用SSL:
<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<script runat="server">
protected void Page_Load(object sender, System.EventArgs e)
{
if(Request.ServerVariables["HTTP_CLUSTER_HTTPS"] != "on")
{
if(Request.ServerVariables.Get("HTTP_CLUSTER-HTTPS") == null)
{
string xredir__, xqstr__;
xredir__ = "https://" + Request.ServerVariables["SERVER_NAME"];
xredir__ += Request.ServerVariables["SCRIPT_NAME"];
xqstr__ = Request.ServerVariables["QUERY_STRING"];
if (xqstr__ != "")
xredir__ = xredir__ + "?" + xqstr__;
Response.Redirect(xredir__);
}
}
Response.Write("SSL Only");
}
</script>
<html>
<head id="Head1" runat="server">
<title>SSL Only</title>
</head>
<body>
</body>
</html>
我遇到了與Rackspace Cloud同樣的問題,最后通過手動實現Request.IsSecureConnection()擴展方法並用我自己的方法替換框架的RequireHttpsAttribute來解決它。 希望其他人也會覺得這很有用。
/// <summary>
/// Replaces framework-provided RequireHttpsAttribute to disable SSL requirement for local requests
/// and properly enforce SSL requirement when used with Rackspace Cloud's load balancer
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class RequireHttpsAttribute : FilterAttribute, IAuthorizationFilter
{
public virtual void OnAuthorization(AuthorizationContext filterContext) {
if (filterContext == null) {
throw new ArgumentNullException("filterContext");
}
if (filterContext.HttpContext.Request.IsLocal)
return;
if (!filterContext.HttpContext.Request.IsSecureConnection()) {
HandleNonHttpsRequest(filterContext);
}
}
protected virtual void HandleNonHttpsRequest(AuthorizationContext filterContext) {
// only redirect for GET requests, otherwise the browser might not propagate the verb and request
// body correctly.
if (!String.Equals(filterContext.HttpContext.Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase)) {
throw new InvalidOperationException("The requested resource can only be accessed via SSL.");
}
// redirect to HTTPS version of page
string url = "https://" + filterContext.HttpContext.Request.Url.Host + filterContext.HttpContext.Request.RawUrl;
filterContext.Result = new RedirectResult(url);
}
}
public static class Extensions {
/// <summary>
/// Gets a value which indicates whether the HTTP connection uses secure sockets (HTTPS protocol). Works with Rackspace Cloud's load balancer
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public static bool IsSecureConnection(this HttpRequestBase request) {
const string rackspaceSslVar = "HTTP_CLUSTER_HTTPS";
return (request.IsSecureConnection || (request.ServerVariables[rackspaceSslVar] != null || request.ServerVariables[rackspaceSslVar] == "on"));
}
/// <summary>
/// Gets a value which indicates whether the HTTP connection uses secure sockets (HTTPS protocol). Works with Rackspace Cloud's load balancer
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public static bool IsSecureConnection(this HttpRequest request) {
const string rackspaceSslVar = "HTTP_CLUSTER_HTTPS";
return (request.IsSecureConnection || (request.ServerVariables[rackspaceSslVar] != null || request.ServerVariables[rackspaceSslVar] == "on"));
}
}
在C#中將文件上傳到Rackspace Cloud Files時跟蹤進度
[英]Track progress when uploading file to Rackspace Cloud Files in C#
Rackspace雲文件REST API莫名其妙地收到錯誤的請求響應
[英]Rackspace cloud files REST api inexplicably getting bad request response
在機架式負載均衡器后面使用自托管Web API獲取客戶端IP
[英]Obtaining client IP using self-hosted web API behind rackspace hosted load balancer
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.