Consider adding a RequireHttps middleware #31
Comments
|
BTW in MVC it's called |
rynowak
changed the title
|
Fixed, thanks! |
|
It should probably share the options and all that. |
|
Do we want to do this for RC2? Doesn't seem to hard, though I'm not sure about the testing. |
|
If we want MVC and this middleware to share the option value (not a bad idea, I think), then we'd need a little bit of design on this. I don't think we've ever had this kind of sharing of configuration data before. |
|
Cors and authz do this I think? |
|
Currently SslPort is the only option the RequireHttps is using. It resides in MvcOption right now, but ideally we wouldn't have the RequireHttps Middleware depending on Mvc. What should we do about this? CORS has the CorsPolicy class which Mvc depends on to share options, we could do the same thing and have Mvc depend on BasicMiddleware... |
|
I don't think it's necessary to share the options. I guess many people will use only one of both methods. And since HTTPS will get more and more common, people will just want to forward everything to HTTPS - hence I believe that having a middleware is even more important than having the Not sharing the options would simplify this middleware. But of course, +1 on supporting custom ports. This is a must-have for Azure Service Fabric. |
|
We may do this as part of the UrlRewrite project |
|
@Tratcher I'm parking on your plate in the meantime. |
|
This was added to the Rewrite middleware. https://github.com/aspnet/BasicMiddleware/blob/dev/src/Microsoft.AspNetCore.Rewrite/RewriteOptionsExtensions.cs#L96. I don't think we need an independent middleware for it. @muratg I recommend we close this as done for 1.1. |
|
I agree, this is a better solution 👍 |
We have [RequireHttps] in MVC as a filter that redirects you to
https://- we should consider adding the same kind of thing as a middleware.The text was updated successfully, but these errors were encountered: