As we all know, HTTP is not secure. It is easy for evil people to listen the HTTP conversation between client and server. If our application is using AJAX to send/retrieve data from server, we are at a high risk.
No other methods can prevent the Man-In-The-Middle attack, except HTTPS protocol.
To do so, we need to ensure that people is using HTTPS protocol instead of HTTP.
I will share with you the solution that I did to make the Web Application automatically redirect to the HTTPS protocol.
First Step: Create App_Code folder in your ASP.NET web root
Second Step: Create the redirect class
RedirectHttpModule.cs
using System; using System.Web; namespace myMVCProject.App_Code { public class RedirectHttpModule: IHttpModule { public RedirectHttpModule() { } public String ModuleName { get { return "RedirectHttpModule"; } } public void Init(HttpApplication app) { app.BeginRequest += (new EventHandler(this.BeginRequest)); } public void BeginRequest(Object source, EventArgs e) { HttpApplication app = (HttpApplication)source; HttpContext ctx = app.Context; if (ctx.Request.Url.OriginalString.ToLower().StartsWith("http://")) { ctx.Response.Redirect("https://" + ctx.Request.Url.Host + ctx.Request.Url.LocalPath + ctx.Request.Url.Query); } } public void Dispose() { } } }
Third Step: Modify your web.config
...... ......
I hope it helps 😉
loading...
About Hardono
Incoming Search
.net, c#, iis
this is good code thanks
its work for me, thanks for sharing