HTTPS question

Posted by Community Admin on 03-Aug-2018 14:42

HTTPS question

Sitefinity - General Discussions

All Replies

Posted by Community Admin on 16-Jan-2012 00:00

Hey I have a question regarding http / https functionality
By enabling https in IIS 7for a Sitefinity 4 site, should I be able to access Sitefinity pages using both http / https without further configuration / development?

Thanks in advance

Posted by Community Admin on 16-Jan-2012 00:00

Hello Devusr,

You can go to the Pages grid, select Title & Properties and check Require SSL. Then the page will also be displayed through https:// Is this what you need?

Regards,
Lubomir Velkov
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 17-Jan-2012 00:00

we are looking for a solution that enables both HTTP / HTTPS for the same user session.
By checking Require SSL, the page becomes accessible only through HTTPS (is this the expected behavior or there is a problem within our site?)

In previous versions there was a CmsHttpModule class that could be used by overriding
the ProcessSslRedirect method and force a redirect through http or https.

Thanks for your time

Posted by Community Admin on 20-Jan-2012 00:00

Hello Devusr,

Please use the following custom route class:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Telerik.Sitefinity.Web;
using Telerik.Sitefinity.Pages.Model;
using Telerik.Sitefinity.Configuration;
using Telerik.Sitefinity.Modules.Pages.Configuration;
using Telerik.Sitefinity.Services;
using Telerik.Sitefinity.Abstractions;
using Telerik.Sitefinity.Localization.UrlLocalizationStrategies;
 
namespace SitefinityWebApp
    public class CustomRoute : SitefinityRoute
    
        public static bool SslRedirectIfNeeded(HttpContextBase httpContext, PageSiteNode node)
        
            /*
            if (httpContext == null)
                throw new ArgumentNullException("httpContext");
            if (node == null)
                throw new ArgumentNullException("node");
 
            node.EnsurePageDataLoaded();
            var requireSsl = node.Attributes["RequireSsl"];
            if (!String.IsNullOrEmpty(requireSsl))
            
                if ("True".Equals(requireSsl, StringComparison.OrdinalIgnoreCase))
                
                    if (!httpContext.Request.IsSecureConnection)
                    
                        httpContext.Response.RedirectPermanent(httpContext.Request.Url.AbsoluteUri.Remove(0, 7).Insert(0, "https://"), true);
                        httpContext.Response.End();
                        return true;
                    
                
                else if ("False".Equals(requireSsl, StringComparison.OrdinalIgnoreCase))
                
                    if (httpContext.Request.IsSecureConnection)
                    
                        httpContext.Response.RedirectPermanent(httpContext.Request.Url.AbsoluteUri.Remove(0, 8).Insert(0, "http://"), true);
                        httpContext.Response.End();
                        return true;
                    
                
            
            */
            return false;
        
 
        protected override bool ProcessRedirects(HttpContextBase httpContext, ref PageSiteNode node, bool isAdditionalUrl, string[] urlParams)
        
            switch (node.NodeType)
            
                case NodeType.InnerRedirect:
                    var terminalNode = node.GetTerminalNode(true);
                    if (terminalNode == null)
                        throw new HttpException(404, "The requested page doesn't exist or you do not have sufficient privileges to view it.");
 
                    httpContext.Response.RedirectPermanent(terminalNode.Url, true);
                    return true;
                case NodeType.Group:
                    var newNode = RouteHelper.GetFirstPageDataNode(node, true, System.Threading.Thread.CurrentThread.CurrentUICulture.Name);
                    if (newNode == null)
                        throw new HttpException(404, "The requested page doesn't exist or you do not have sufficient privileges to view it.");
 
                    if (Config.Get<PagesConfig>().IsToRedirectFromGroupPage)
                    
                        httpContext.Response.RedirectPermanent(newNode.Url, true);
                        return true;
                    
                    else
                    
                        // Rewriting to the new node so that additional check for redirect can be made for it.
                        node = newNode;
                    
                    break;
                case NodeType.OuterRedirect:
                    httpContext.Response.RedirectPermanent(node.RedirectUrl, true);
                    return true;
            
            if (isAdditionalUrl && node.AdditionalUrlsRedirectToDefault)
            
                //TODO the frontend should not fallback to any language
                //var redirectUrl = node.GetUrl(System.Globalization.CultureInfo.CurrentUICulture, this.LanguageFallback);
                //var localizedRedirectUrl = ObjectFactory.Resolve<UrlLocalizationService>().ResolveUrl(redirectUrl);
                var additionalUrlCulture = SystemManager.CurrentHttpContext.Items[SiteMapBase.AdditionalUrlCulture] as CultureInfo;
                string url;
                if (additionalUrlCulture != null)
                
                    var nodeUrl = node.GetUrl(additionalUrlCulture, false);
                    url = urlParams != null ? String.Concat(nodeUrl, "/", String.Join("/", urlParams)) : nodeUrl;
                    url = ObjectFactory.Resolve<UrlLocalizationService>().ResolveUrl(url, additionalUrlCulture);
                
                else
                
                    url = urlParams != null ? String.Concat(node.Url, "/", String.Join("/", urlParams)) : node.Url;
                
                httpContext.Response.RedirectPermanent(url, true);
                return true;
            
            return CustomRoute.SslRedirectIfNeeded(httpContext, node);
        
    

Please note the custom SslRedirectIfNeeded() method - I have commented the original source because you would need to implement your custom logic there. Also you need to register the custom route in Global.asax using the following code:

protected void Application_Start(object sender, EventArgs e)
    Bootstrapper.Initialized += new EventHandler<Telerik.Sitefinity.Data.ExecutedEventArgs>(Bootstrapper_Initialized);
 
void Bootstrapper_Initialized(object sender, Telerik.Sitefinity.Data.ExecutedEventArgs e)
    if (e.CommandName == "RegisterRoutes")
    
        var frountendRoute = RouteTable.Routes["Frontend"];
        int index = RouteTable.Routes.IndexOf(frountendRoute);
        RouteTable.Routes.RemoveAt(index);
        RouteTable.Routes.Insert(index, ObjectFactory.Resolve<CustomRoute>());
    

Greetings,
Lubomir Velkov
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 13-Feb-2012 00:00

Will this solution also help the fact that in IE(8) the URL can display HTTP but it is indeed HTTPS?  The page is marked HTTP in properites and we write teh URL out to the page to test. It shows HTTPS://  however in the URL bar in IE it shows HTTP:// without the lock.

Then when you navigate to the other pages, sometimes! it keeps the https and sometimes! it drops it.  We only have the one page pmarked as HTTPS.

Any ideas?

Posted by Community Admin on 13-Feb-2012 00:00

I was able to add the code you provided and it works as expected, now any page is accessible using http or https
Thanks a lot for your assistance

This thread is closed