RequireHttpsAttribute Class

Definition

An authorization filter that confirms requests are received over HTTPS.

[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=false, Inherited=true)]
public class RequireHttpsAttribute : Attribute, Microsoft.AspNetCore.Mvc.Filters.IAuthorizationFilter, Microsoft.AspNetCore.Mvc.Filters.IOrderedFilter
Inheritance
RequireHttpsAttribute
Attributes
Implements

Constructors

RequireHttpsAttribute()

Properties

Order
Permanent

Specifies whether a permanent redirect, 301 Moved Permanently, should be used instead of a temporary redirect, 302 Found.

Methods

HandleNonHttpsRequest(AuthorizationFilterContext)

Called from OnAuthorization(AuthorizationFilterContext) if the request is not received over HTTPS. Expectation is Result will not be null after this method returns.

OnAuthorization(AuthorizationFilterContext)

Called early in the filter pipeline to confirm request is authorized. Confirms requests are received over HTTPS. Takes no action for HTTPS requests. Otherwise if it was a GET request, sets Result to a result which will redirect the client to the HTTPS version of the request URI. Otherwise, sets Result to a result which will set the status code to 403 (Forbidden).