Is there an easy way to perform an automatic redirect when a user attempts to reach the site on a non-SSL port? 80 --> 443. I am running a stand-alone server. Not sure if this should be done in a Session Open event or in the App HandleURL event.
Thanks.
Either way.
In HandleUrl, you set the Location header and set the status to 304 301.
In Session.Open use
ShowUrl(app.url.replace(“http:”,”https:”)The first has less overhead for your app.
Edit: Fixed the response code.
Because it’d be nice, a feature request for “Force SSL”
<https://xojo.com/issue/51252>
Thanks! Appreciate the response. One follow-up question: I want to do the redirect in HandleURL but I’m not quite sure when do it? I’ve tried redirecting every request that comes in insecure like this with no luck:
// Request came in unsecure. Automtically redirect to secure URL
if ( NOT Request.Secure ) then
Request.Status = 304
Request.Header(“LOCATION”) = “https://” + app.HostName
return(TRUE)
end if
App.HostName is a property where I store the site name.
So I suggest only doing this when request.path = “”. Otherwise you could be intercepting more than you want.
In HandleUrl, you set the Location header and set the status to 304.
Greg – Im a little lost on this part. Can you point me to the docs/example?
Here ya go. Just replace the newURL string with the one that the app should be redirected to for SSL.
Function HandleURL(Request As WebRequest) Handles HandleURL as Boolean
if request.path = "" then
if not request.Secure then
dim newURL as string = "https://your.domain.com"
request.Header("Location") = newURL
request.Status = 301
return True
end if
end if
End Function