Hi team,
Just wanted to share a small fix that can save us all sometime during local development.
Instead of having to edit the web.config file every time we want to run an app without HTTPS locally, we can add one line to the existing HTTPS redirect rule that tells it to skip redirection for localhost
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost$" negate="true" />
Here’s how the full rule should look:
<rewrite>
<rules>
<rule name="HTTP to HTTPS Redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<!-- Below line ensures localhost doesn't get redirected to HTTPS -->
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
I had added this to the SAAS app a while ago and it’s been working well. It ensures HTTPS is still enforced everywhere except localhost, so we don’t have to keep changing and reverting config files just to get things running locally. It also helps avoid accidentally checking in a version of web.config without HTTPS redirection in place.
If this line isn't already in the app you're working on, go ahead and add it. Should be a one-time fix.
Let me know if you have any questions.
Have a great weekend!
No comments:
Post a Comment