I have a web application hosted on multiple servers some of which are on https. How can I check from code behind if a page is currently in http or https?
Fortunately, there are two quick checks to help you be certain: Look at the uniform resource locator (URL) of the website. A secure URL should begin with “https” rather than “http.” The “s” in “https” stands for secure, which indicates that the site is using a Secure Sockets Layer (SSL) Certificate.
To check if a Url is valid in C# you can use Uri. TryCreate() method which creates a new Uri and it does not throw an exception if the Uri cannot be created, it will return a bool if it was created successfully.
HTTPS Redirection Middleware (UseHttpsRedirection) to redirect HTTP requests to HTTPS. HSTS Middleware (UseHsts) to send HTTP Strict Transport Security Protocol (HSTS) headers to clients.
Per OWASP, HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that's specified by a web app through the use of a response header. When a browser that supports HSTS receives this header: The browser stores configuration for the domain that prevents sending any communication over HTTP.
You can refer to the Request.IsSecureConnection
property on the HttpRequest
class. For a full reference outside a page, user control or alike, use HttpContext.Current.Request.IsSecureConnection
.
Page.Request.Url.Scheme
works as well. It returns http
, https
, etc.
Ref: http://msdn.microsoft.com/en-us/library/system.uri.scheme.aspx
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With