那些遇到过的问题

相关疑难解决方法(0)

.net Core X Forwarded Proto无法正常工作

我正在努力让我的.net核心1.1应用程序在负载均衡器后面工作并强制执行https.我的Startup.cs中有以下设置

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IServiceProvider serviceProvider, IOptions<Auth0Settings> auth0Settings)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();


    var startupLogger = loggerFactory.CreateLogger<Startup>();


    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
        app.UseBrowserLink();
        startupLogger.LogInformation("In Development");
    }
    else
    {
        startupLogger.LogInformation("NOT in development");
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseMiddleware<HttpsRedirectMiddleware>();
    app.UseForwardedHeaders(new ForwardedHeadersOptions
    {
        ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
    });`
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme= CookieAuthenticationDefaults.AuthenticationScheme,
            AutomaticAuthenticate = true,
            AutomaticChallenge = true,
            CookieHttpOnly = true,
            SlidingExpiration = true
        });
Run Code Online (Sandbox Code Playgroud)

HttpsRedirectMiddleware用于验证LB具有X-Forwarded-Proto集合,它确实存在,并以https作为唯一值返回.当我访问该网站(https://myapp.somedomain.net)时,它知道我未经过身份验证并将我重定向到(http://myapp.somedomain.net/Account/Logon?ReturnUrl=%2f).它失去了SSL连接并切换回我的端口80..net核心文档说使用如下所示的"UseForwardedHeaders",这在我的情况下不起作用.当此切换发生时,控制台记录器没有来自中间件的任何错误或警告.

对于短期修复,我把它放在"UseForwardedHeaders"下面

    app.Use(async (context, next) =>
    {
        var xproto = context.Request.Headers["X-Forwarded-Proto"].ToString();
        if …
Run Code Online (Sandbox Code Playgroud)

c# asp.net-mvc .net-core

Jos*_*osh
lucky-day
18
推荐指数
2
解决办法
6132
查看次数

标签 统计

.net-core ×1

asp.net-mvc ×1

c# ×1