How do I ensure that my users can not physically type in http: to bypass my SSL and ensure that every page is https:?
Possibly a redirect on my master page?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How do I ensure that my users can not physically type in http: to bypass my SSL and ensure that every page is https:?
Possibly a redirect on my master page?
This would generally be handled via IIS configuration or with an ISAPI filter, but if you want to do it in the application code, you could put something like this in the Page_Init event of your master page…