Tag: redirect

Azure App Service – Force redirect from HTTP to HTTPS the easy way!

Once you have uploaded your SSL certificates to your Azure App Service and then configured the bindings (if you are using your own custom domains), there are two ways to force ALL requests to be redirected  from HTTP to HTTPS. The ‘Developer way‘ and the ‘Easy, no code way‘! Continue reading “Azure App Service – Force redirect from HTTP to HTTPS the easy way!”

.Net MVC 3 Logon does not redirect out the box–quick fix!

It seems that the templates for MVC 3 razor are not quite complete. If you attempt to browse to a page where authentication is required, then you will be redirect to the Logon page with a ReturnUrl query string.

Something like:

http://mysite.com/Account/LogOn?ReturnUrl=%2fThePageIWant

That’s great except, out the box, the Logon page does not make use of this and the destination page is not redirected to after a successful login. The fix is easy.

Add the returnUrl route value into the Html.BeginForm method as shown below.

Html.BeginForm("LogOn", "Account", new { returnUrl = Request.QueryString["ReturnUrl"] })

You should already have some code in the controller that does some sanity checking on the returnUrl before doing the redirect. Somthing like:

if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
       && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
    return Redirect(returnUrl);
}

Make sure this is after the SetAuthCookie line!

Redirecting MVC controller to HTTPS if required

Check out this excellent blog on how to create a simple ActionFilterAttribute that handles redirecting to https:// if required.

http://weblogs.asp.net/dwahlin/archive/2009/08/25/requiring-ssl-for-asp-net-mvc-controllers.aspx

then just decorate your whole Controller ot ActionResult method with

[RequiresSSL]
 public class AccountController : Controller
 {
 ...
 }