Change From HTTP To HTTPS On PostBack

  • Thread starter Thread starter Andrew Hayes
  • Start date Start date
A

Andrew Hayes

I have a C#.NET web app that includes a list of service offerings, with a
button on each one for requesting additional information where the person
enters basic details like name, email address, etc.

However, due to privacy laws, any personal information gathered this way
must be over a secure connection, using SSL or TLS.

The way I have it coded right now is that the form, a FormView control and
associated DataSources, is hidden until the request button is clicked, then
it is shown.

Rather than redirecting the user to a new page, is there a way to change
from HTTP to HTTPS when the FormView is shown in the Page_Load event?
 
Rather than redirecting the user to a new page, is there a way to change
from HTTP to HTTPS when the FormView is shown in the Page_Load event?
Click to expand...

No. HTTP and HTTPS does not even run on the same port (80 vs 443). Thus,
the only way to change from HTTP to HTTPS is to tell the client to connect
on the other port (using another scheme/protocol). Due to the
request-response style protocol, the only way to do this is to send a
response containing the URL with the correct scheme.

An idea: whenever you are about to display the FormView, check the value
of Request.IsSecureConnection. If this one is false, do a redirect to a
patched URL, where HTTP is replaced with HTTPS, and some kind of locator
is added to the query string. When the page loads, check if a locator is
in your query string. If the locator is there, display the relevant
FormView - given that the connection is secure of course. If you wish, you
can redirect back to HTTP after the form data is recieved.
 
Thanks for the comments. I'll repost to the ASP.NET group, which I couldn't
find before because it's buried under Data Access for some reason, and since
my code-behind is in C# this was the next best group to post to.
 
Back
Top