Databases
StackOverflow2013
Postsdbo
POWhy does IIS respond to a secure(SSL) page request with a 302 to its non-secure version?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POWhy does IIS respond to a secure(SSL) page request with a 302 to its non-secure version?
    text
    copied!<p>I have SSL installed at the root of a server. I have a page whose code behind code is supposed to redirect after certain validation to a secure page. Here's the redirect code:</p> <pre><code>switch (PageBase2.GetParameterValue("Environment")) //Retrieves App Setting named Environment from web.config { case "Server": strURL = @"https://" + HttpContext.Current.Request.Url.Authority + "/checkout/payment.aspx"; break; case "Local": strURL = @"http://" + HttpContext.Current.Request.Url.Authority + "/checkout/payment.aspx"; break; default: strURL = @"https://" + HttpContext.Current.Request.Url.Authority + "/checkout/payment.aspx"; break; } Response.Redirect(strURL, false); </code></pre> <p>But the page that's been served by IIS is non-secure. I looked at the firebug console and it appears that the client does make a get request to <a href="https://server/checkout/payment.aspx" rel="nofollow noreferrer">https://server/checkout/payment.aspx</a> but IIS responds with a 302 to <a href="http://server/checkout/payment.aspx" rel="nofollow noreferrer">http://server/checkout/payment.aspx</a> Any clues, as to what could be causing it. I've even tried forcing SSL for the page, but it doesn't work I get 403.4 error. (SSL is required to view this resource.) And if i remove the redirection logic and code the payment page to redirect to its SSL version when the connection is not secure using Request.IsSecureConnection, i end up with an endless redirect loop, simply because IIS still won't serve the secure version without a 302. Any ideas?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload