Menu
The default startup code created for my ASP.NET Core Razor Pages application includes the following code:
app.UseHttpsRedirection();
This seems to be hit or miss. Right now, on my development machine, editing the URL in the address bar so it uses HTTP instead of HTTPS gives me a The connection was reset error.
Also, I found the AddRedirectToHttpsPermanent() option, which can be passed to app.UseRewriter().
At this point, I'm unclear why app.UseHttpsRedirection() doesn't appear to work, or if I should be using UseRewriter().
Has anyone figured this out?
765
The redirect works as expected. HTTP and HTTPS use different ports.
By only removing the s from the url: https://localhost:44336, your are trying to do HTTP to an application port that expects HTTPS, which is not supported. For the redirect to work, you need to contact the HTTP port, using HTTP.
Using the designated HTTP url, http://localhost:53640, you'll see the application redirects as expected.
In my example, see launchSettings.json it's defined as follows:
"applicationUrl": "http://localhost:53640"
So whats happening here is the following:
* in physical world there is no such thing as a HTTPS or HTTP port, since it's defined at level 7 OSI.
The UseHttpsRedirection, routes inbound HTTP traffic, on the HTTP port to HTTPS traffic on the HTTPS port.
When an URL in a browser does not specify a port number, it defaults to the port typically used by the protocol. Being port 80 for HTTP, and 443 for HTTPS.
To prevent port collisions, Visual Studio uses non standard ports by default to debug. You can see them in the 'launchSettings.json` file.
Mine looks like this:
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:53640",
"sslPort": 44336
}
},
Note the 2 port numbers. The redirect only works at (and to) the designated ports.
HTTP is accepted at 53640, HTTPS is accepted at 44336.
By changing removing the s in the URL bar, you are changing:
https://localhost:44336
to
http://localhost:44336
Note, since you did not adjust the port, you're trying to connect with HTTP on a HTTPS port. This scenario is not covered by the redirect and will fail.
Only http://localhost:53640 will redirect to https://localhost:44336. Just HTTP: http://localhost:44336 will result in a connection reset.
In normal circumstances, you release your application to a webserver, using the default ports (80 for HTTP and 443 for HTTPS, with appropriate certificate).
Since the browser the user is using also uses these default ports, the redirect works well, since:
http://example.org will actually translate to http://example.org:80 and https://example.org will translate to https://example.org:443
and thus, this will magically work out of the box:
http://example.org:80 will redirect to https://example.org:443
The browser just doesn't show the port numbers.
To locate the launchSettings.json file: The file in VS:
If that doesn't help, possibly the order of app.Use... is wrong.
Basically it are extensions registering middleware. The order is important.
Normally, initially the redirect is configured, afterward MVC. Like so:
app.UseHttpsRedirection();
app.UseMvc();
app.UseOtherMiddleWare();
If you reverse the order, possibly you'll hit an error earlier in the pipeline and the redirect is not executed.
141
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
