how to access the http and https in the same page in asp.net?

Question

I am creating a website with password-protected pages in it.

I have two type of customer: 1. normal 2. secured

For secured customers, pages would be rendered over HTTPS whereas for normal customer, pages will be rendered over HTTP. However, pages for both types of users would be same but the content will change.

Please note, the URL for the two users should be same except HTTP/HTTPS part.

Can anyone pls suggest how to structure the application so that the same page will act as both http and https?

Also would like to know, sometimes when we browse some HTTPS page and few of the items like image are referenced over HTTP then we get a cross in Address Bar indicating that some of the resources are not over HTTPS.

How can we overcome this problem, any suggestions?

Answer 1

This should be fine, when the user logs in, redirect them to an https:// page. Just use the same page addresses, only the scheme (http or https) needs to change.

To avoid problems with choosing between http or https (for example in image URLs like you mention), try to use relative URLs whenever possible, instead of absolute URLs. So if you're on https://test.com/index.html and want to display an image in an images directory, use /images/test.jpg (relative) rather than https://images/test.jpg (absolute).

If you have to use absolute, you can use a scheme-relative url - for example //images/test.jpg will use HTTP if the current page is using HTTP, and HTTPS if the page is using HTTPS.

See this question and this one for more details.