Home/ Questions/Q 4051742
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T14:13:57+00:00

So in my code I want to detect if my login page is being

  • 0

So in my code I want to detect if my login page is being called http, and redirect it to https.

I know there are non code ways to skin this cat, but for frustrating technical reasosn I’m backed into doing it in code.

            if (!Request.IsSecureConnection)
            {
                string redirectUrl = Request.Url.ToString().Replace("http:", "https:");
                Response.Redirect(redirectUrl);
            }

So I drop this in my Page_Load(...), make sure my debugger uses real IIS, not VS2008s IIS, and hit debug.

Inthe debugger, waltz along, hit
Response.Redirect(“https://localhost/StudentPortal3G/AccessControl/AdLogin.aspx“),
hit f5.

Get “Internet Explorere Cannot Display the webpage, url is HTTP, not HTTPS.
Not getting an informative error… same thing happens not running in the debugger.

So what am I missing? it does not appear to be rocket science, I’ve seen similar code on lots of blogs…

What am I doing wrong? I figure it has to be a totally obvious Rookie mistake, but I’m not seeing it.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’d do a !Request.IsLocal as well to make sure that I’m not debugging, though if you’re using a real instance of IIS with a cert applied when debugging that shouldn’t be an issue.

    if (!Request.IsLocal && !Request.IsSecureConnection)
{
    string redirectUrl = Request.Url.ToString().Replace("http:", "https:");
    Response.Redirect(redirectUrl, false);
    HttpContext.ApplicationInstance.CompleteRequest();
}

    Note: This answer assumes an MVC context within a Controller where HttpContext is a property holding the current context. If you’re unlucky enough to still be using WebForms or are referencing the context in a degenerate way you will need to use HttpContext.Current.ApplicationInstance.CompleteRequest().

    Note: I’ve updated this to be consistent with the recommended pattern to terminate the request according to the framework documentation.

    When you use this method in a page handler to terminate a request for
    one page and start a new request for another page, set endResponse to
    false and then call the CompleteRequest method. If you specify true
    for the endResponse parameter, this method calls the End method for
    the original request, which throws a ThreadAbortException exception
    when it completes. This exception has a detrimental effect on Web
    application performance, which is why passing false for the
    endResponse parameter is recommended. For more information, see the
    End method.

    • 0