Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
625 views
in Technique[技术] by (71.8m points)

iis 7 - IIS7 URL Rewriting: How not to drop HTTPS protocol from rewritten URL?

I'm working on a website that uses IIS 7's URL rewriting feature to do a permanent redirect from example.com to www.example.com, as well as rewrites from similar domain names to the "main" one, such as from www.examples.com to www.example.com.

This rewrite rule - shown below - has worked well for some time now. However, we recently added HTTPS support and noticed that if users visit one of the URLs to be rewritten to www.example.com then HTTPS is dropped. For instance, if a user visits https://example.com they get redirected to http://www.example.com, whereas we would like them to be sent to https://www.example.com.

Here is the rewrite rule of interest (in Web.config):

<rule name="Canonical Host Name" stopProcessing="true">
    <match url="(.*)" />

    <conditions logicalGrouping="MatchAny">
        <add input="{HTTP_HOST}" pattern="^example.com$" />
        <add input="{HTTP_HOST}" pattern="^(www.)?example.net$" />
        <add input="{HTTP_HOST}" pattern="^(www.)?example.info$" />
        <add input="{HTTP_HOST}" pattern="^(www.)?examples.com$" />
    </conditions>

    <action type="Redirect" url="http://www.example.com/{R:1}" redirectType="Permanent" />
</rule>

As you can see, the action element's url attribute points directly to http://, so I get why https://example.com is redirected to http://www.example.com. My question is, how do I fix this? I tried (naively) to just drop the http:// part from the url attribute, but that didn't work.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Here's Scott's answer with Hasan's improvements. This should cover mixed SSL/non-SSL sites. The rule basically says "if the url does not have www.example.com", do a permanent redirect to it. Essentially... you are redirecting people who visit you without www or directly to your IP address.

<rewrite>
<rules>
    <rule name="Canonical Host Name" stopProcessing="true">
        <match url="(.*)" />
        <conditions logicalGrouping="MatchAll">
            <add input="{HTTP_HOST}" pattern="^www.example.com$" negate="true" />
        </conditions>
        <action type="Redirect" url="{MapSSL:{HTTPS}}www.example.com/{R:1}" redirectType="Permanent" />
    </rule>
</rules>
<rewriteMaps>
    <rewriteMap name="MapSSL" defaultValue="http://">
        <add key="ON" value="https://" />
        <add key="OFF" value="http://" />
    </rewriteMap>
</rewriteMaps>
</rewrite>

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...