How does ASP.NET MVC 3 know to put https on links even when F5 (big-ip) is handling the ssl?

Question

On our site, we have F5's Big IP handling the SSL encrypting and decryption, and sending the request to port 80 on our server.

Since this is the first site we are doing with ASP.NET MVC, I was curious how it would handle @HTML.ActionLink's in the views. Surpisingly, it is putting https://. On our CI environment (which doesn't do the SSL), it is putting http:// on all the links.

We have other links to bring in javascript files, css files and images, and we are using a custom HTTP header added by F5 to the request so we can tell.

Does anyone know how ASP.NET MVC3 knows whether or not the links should have http:// or https://, as I would rather not have a custom HTTP header coming in, if there is a way we can use the same method.

Answer 1

IF you use RequireHttpsAttribute in your controller, this is one way. As it'll redirect to Https if called with Http.

Another important way that is likely your case is that it uses the current request path (Request.AbsoluteUrl) to make the links, so, if the original page is called using HTTPs, the links will be Https (from quick look at the code).

So, maybe the raw URL is coming to IIS to port 80 but with indicating that the URL includes Https. Try to output something like Request.ServerVariables[ "HTTP_URL" ] to confirm. I assume that Request.ServerVariables["HTTPS"] in your case as you describe it.