問題描述
在 IIS 7.5 上運行的 ASP.NET 應用程序上強制使用 Https (Force Https on an ASP.NET app running on IIS 7.5)
I am forcing SSL on my entire site with the following code on my web.config file;
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
</rules>
</rewrite>
</system.webServer>
but what I would like to do is to force ssl only the ~/purchase/
and ~/account/
path and under them. what should be the match url for that?
NOTE Regular Expressions also would work for me here as well as wildcard.
‑‑‑‑‑
參考解法
方法 1:
You should use this pattern (this will work for /purchase/something
as well as /account/something‑else
):
^((purchase|account)/.*)$
You have to remember, that URL should have no leading slash /
.
<?xml version="1.0" encoding="UTF‑8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Force HTTPS" stopProcessing="true">
<match url="^((purchase|account)/.*)$" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
方法 2:
you would do something like this (2 separate rules for simplicity)
<match url="/purchase/(.*)"/>
(by tugberk、LazyOne、Peter Bromberg)