【发布时间】:2009-12-09 04:47:37
【问题描述】:
我使用从 MVC 期货中获取的这段代码,并将属性 RequireSsl 附加到一个操作。 它适用于像http://localhost/de/Account/Login 这样的简单 URL,但如果我有一个查询字符串,则问号会被 url 编码并且请求失败。
http://localhost/de/Account/Login?test=omg 重定向到 https://localhost/de/Account/Login%3Ftest=omg。有人搞定了吗?
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter
{
public RequireSslAttribute()
{
Redirect = true;
}
public bool Redirect { get; set; }
public void OnAuthorization(AuthorizationContext filterContext)
{
//Validate.IsNotNull(filterContext, "filterContext");
if (!Configuration.EnableSSL) return;
if (!filterContext.HttpContext.Request.IsSecureConnection)
{
// request is not SSL-protected, so throw or redirect
if (Redirect)
{
// form new URL
UriBuilder builder = new UriBuilder
{
Scheme = "https",
Host = filterContext.HttpContext.Request.Url.Host,
// use the RawUrl since it works with URL Rewriting
Path = filterContext.HttpContext.Request.RawUrl
};
filterContext.Result = new RedirectResult(builder.ToString());
}
else
{
throw new HttpException((int)HttpStatusCode.Forbidden, "Access forbidden. The requested resource requires an SSL connection.");
}
}
}
}
【问题讨论】:
标签: asp.net-mvc ssl