ASP.NET MVC: RequireHttps action filter
As name suggests, RequireHttps attribute indicate that this action method should only accessible by SSL or HTTPS. Whenever action methods are marked with RequireHttps, at that time we cannot browse it with HTTP protocol. If we try to browse it with HTTP then it will be redirected to HTTPS url. We can also use this attribute at controller level.
Attribute Usage: Controller & Method
Sample Code:
[RequireHttps]
public ActionResult SignIn()
{
return View();
}
As we can see in above image that request to HTTP url will issue an HTTP 302 redirection and it will be redirected to HTTPS url. When RequireHttps is applied at controller level, all action method within controller would be only accessible via HTTPS. We should apply this attribute, wherever we are obtaining sensitive data from user for e.g. login credential, credit card information, etc. I think RequireHttps attribute is one of the best examples which shows how ASP.NET MVC framework simplifies web developments.
Check out ASP.NET MVC: Action filter series post to read about other available action filters.
You can follow me on twitter for latest link and update on ASP.NET & MVC.