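/// <summary>
/// Middleware that passes HTTPS requests on to the rest of the pipeline and answers
/// plain-HTTP requests with a permanent redirect to the same host, path and query
/// string under the <c>https</c> scheme.
/// </summary>
/// <remarks>
/// The redirect target is derived from the request's Host header, which the client
/// controls. Deployments should accept only an allow-list of expected host names in
/// front of this middleware, otherwise the response can be made to point at an
/// arbitrary host. A redirect also does not protect the first plain-HTTP request
/// itself (cookies or bodies sent with it have already travelled unencrypted), so it
/// complements rather than replaces a Strict-Transport-Security policy and the
/// Secure flag on cookies.
/// </remarks>
public sealed class EnforceHttpsMiddleware
{
    private RequestDelegate Next { get; }

    /// <summary>Creates the middleware.</summary>
    /// <param name="next">The next delegate in the request pipeline.</param>
    /// <exception cref="ArgumentNullException"><paramref name="next"/> is null.</exception>
    public EnforceHttpsMiddleware(RequestDelegate next)
    {
        if (next == null)
        {
            throw new ArgumentNullException(nameof(next));
        }

        Next = next;
    }

    /// <summary>
    /// Forwards HTTPS requests unchanged; redirects every other request to HTTPS.
    /// </summary>
    /// <param name="context">The current request context.</param>
    public async Task Invoke(HttpContext context)
    {
        HttpRequest request = context.Request;

        if (request.IsHttps)
        {
            await Next(context);

            // Stop here: without this return the redirect below would also be
            // written onto a response the pipeline has already produced.
            return;
        }

        // A request without a usable Host header gives nothing trustworthy to
        // redirect to, so it is rejected instead of producing "https:///path".
        if (string.IsNullOrEmpty(request.Host.Host))
        {
            context.Response.StatusCode = StatusCodes.Status400BadRequest;
            return;
        }

        // permanent: true sends a 301, which browsers cache and typically replay
        // as GET; non-GET callers should be addressing the HTTPS endpoint directly.
        context.Response.Redirect(BuildHttpsUrl(request), permanent: true);
    }

    /// <summary>
    /// Builds the absolute https URL that corresponds to the given request.
    /// </summary>
    /// <param name="request">The plain-HTTP request being redirected.</param>
    /// <returns>The escaped absolute URL, ready for a Location header.</returns>
    private static string BuildHttpsUrl(HttpRequest request)
    {
        // A URL has the form
        //   scheme://user:password@host:port/path?querystring#fragment
        // User info and the fragment are not part of what the server receives, so
        // only host, path and query string can be carried over.
        //
        // The port of the HTTP endpoint is deliberately dropped: it is not the port
        // the HTTPS endpoint listens on, so the redirect targets the default https
        // port. Deployments with a non-default HTTPS port need to supply it here.
        var host = new HostString(request.Host.Host);

        // ToUriComponent() yields the already-escaped form of each part, which
        // avoids the double escaping a UriBuilder round trip can introduce.
        return "https://"
            + host.ToUriComponent()
            + request.PathBase.ToUriComponent()
            + request.Path.ToUriComponent()
            + request.QueryString.ToUriComponent();
    }
}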
/// <summary>
/// Pipeline registration helpers for <see cref="EnforceHttpsMiddleware"/>.
/// </summary>
public static class AppBuilderExtensions
{
    /// <summary>
    /// Adds <see cref="EnforceHttpsMiddleware"/> to the request pipeline.
    /// </summary>
    /// <param name="app">The application builder to extend.</param>
    /// <returns>The builder returned by the middleware registration, for chaining.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="app"/> is null.</exception>
    public static IApplicationBuilder UseHttpsEnforcement(this IApplicationBuilder app)
    {
        // Fail fast on a null builder before touching the pipeline.
        IApplicationBuilder builder = app ?? throw new ArgumentNullException(nameof(app));

        return builder.UseMiddleware<EnforceHttpsMiddleware>();
    }
}
// Outside development every request must arrive over HTTPS; development keeps
// plain HTTP available and turns on the diagnostic helpers instead.
// NOTE(review): middleware registered before this point is not covered by the
// HTTPS check; the surrounding registration order is not visible here, so confirm.
if (!env.IsDevelopment())
{
    app.UseHttpsEnforcement();
}
else
{
    app.UseDeveloperExceptionPage();
    app.UseBrowserLink();
}
using Microsoft.AspNetCore.Mvc;
/// <summary>
/// Registers <see cref="RequireHttpsAttribute"/> as a global MVC filter.
/// </summary>
/// <param name="services">The service collection being configured.</param>
public void ConfigureServices(IServiceCollection services)
{
    // A global filter behaves as if every controller carried [RequireHttps].
    // It is an MVC filter, so it only sees requests that are handled by MVC;
    // anything answered by earlier middleware is not covered by it.
    services.Configure<MvcOptions>(mvc => mvc.Filters.Add(new RequireHttpsAttribute()));
    // ...
}
using Microsoft.AspNetCore.Rewrite;
/// <summary>
/// Sets up logging and prepares rewrite options that redirect HTTP requests to HTTPS.
/// </summary>
/// <param name="app">The application builder for the request pipeline.</param>
/// <param name="env">The hosting environment.</param>
/// <param name="loggerFactory">The factory the logging providers are added to.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    // NOTE(review): building the options has no effect on its own; they must be
    // handed to the rewrite middleware (app.UseRewriter(options)), presumably in
    // the elided part below. Confirm that call exists and runs early in the pipeline.
    RewriteOptions options = new RewriteOptions().AddRedirectToHttps();
    // ...
}