Enforce SSL in code in an ashx handler
https://stackoverflow.com/questions/59000
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a site, which contains several ashx handlers, on a couple of the handlers I want to reject non-SSL requests. Is there a way that I can do this in code?
Solution
If you must do it programmatically, a way I've done it in the past is to inspect the url and look for "https" in it. Redirect if you don't see that. Request.IsSecureConnection should be the preferred method, however. You may have to add additional logic to handle a loopback address.
OTHER TIPS
I think the proper way is to check the Request.IsSecureConnection property and redirect or throw if it's false
Try using the System.Web.HttpContext.Current.Request.IsSecureConnection to validate whether they are connecting securely, and then perform whatever denies you would like after that (returning an error message, or whatever your business need is).
