Share via


RequireHttpsAttribute Class

Definition

An authorization filter that confirms requests are received over HTTPS.

public ref class RequireHttpsAttribute : Attribute, Microsoft::AspNetCore::Mvc::Filters::IAuthorizationFilter, Microsoft::AspNetCore::Mvc::Filters::IOrderedFilter
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=false, Inherited=true)]
public class RequireHttpsAttribute : Attribute, Microsoft.AspNetCore.Mvc.Filters.IAuthorizationFilter, Microsoft.AspNetCore.Mvc.Filters.IOrderedFilter
[<System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=false, Inherited=true)>]
type RequireHttpsAttribute = class
    inherit Attribute
    interface IAuthorizationFilter
    interface IFilterMetadata
    interface IOrderedFilter
Public Class RequireHttpsAttribute
Inherits Attribute
Implements IAuthorizationFilter, IOrderedFilter
Inheritance
RequireHttpsAttribute
Attributes
Implements

Constructors

RequireHttpsAttribute()

Properties

Order

Gets the order value for determining the order of execution of filters. Filters execute in ascending numeric value of the Order property.

Permanent

Specifies whether a permanent redirect, 301 Moved Permanently, should be used instead of a temporary redirect, 302 Found.

Methods

HandleNonHttpsRequest(AuthorizationFilterContext)

Called from OnAuthorization(AuthorizationFilterContext) if the request is not received over HTTPS. Expectation is Result will not be null after this method returns.

OnAuthorization(AuthorizationFilterContext)

Called early in the filter pipeline to confirm request is authorized. Confirms requests are received over HTTPS. Takes no action for HTTPS requests. Otherwise if it was a GET request, sets Result to a result which will redirect the client to the HTTPS version of the request URI. Otherwise, sets Result to a result which will set the status code to 403 (Forbidden).

Applies to