您的位置: 首页  >  技术问答  >  如何在App Service上禁用HTTP到HTTPS重定向?

如何在App Service上禁用HTTP到HTTPS重定向?

分类: 技术问答 2022-03-29 10:57:01

如何在App Service上禁用HTTP到HTTPS重定向?

问题描述:

创建HTTP自定义域到应用程序服务后,如何防止Azure应用程序服务从HTTP重定向到HTTPS?

How do I prevent an Azure App Service redirecting from HTTP to HTTPS after I create an HTTP Custom Domain to an App Service?

仅HTTPS已禁用 根据如何删除Azure SSL绑定?

HTTPS Only is disabled Authentication is disabled as per How to remove Azure SSL binding?

背景:App服务的前面是处理所有HTTPS流量的App网关. App Service将重写标头以及Set-Cookie.根据 https://,存在一个错误/限制docs.microsoft.com/zh-CN/azure/application-gateway/rewrite-http-headers :如果响应具有多个同名标题,则重写其中一个标题的值将导致删除响应中的其他标头.通常情况下,Set-Cookie标头会发生这种情况,因为响应中可以有多个Set-Cookie标头."我们对此限制感到困惑.这意味着我们不能使用此处介绍的第一种解决方法:

Background: The App Service is fronted by an App Gateway which handles all the HTTPS traffic. The App Service re-writes headers and also Set-Cookie. There is a bug / limitation as per https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers: "If a response has more than one header with the same name, then rewriting the value of one of those headers will result in dropping the other headers in the response. This can usually happen with Set-Cookie header since you can have more than one Set-Cookie header in a response." We are encumbered by this limitation. This means that we cannot use the first workaround described here: https://docs.microsoft.com/en-us/azure/application-gateway/troubleshoot-app-service-redirection-app-service-url "Solution: Rewrite the location header". We are there forced to use the second solution instead which is essentially to pass the traffic through to the back end App Service as described in "Alternate solution: Use a custom domain name". The examples all use HTTP for the back end. We did try HTTPS as the back end but that requires the deployment (we use Azure Devops) to push the cert to the App Service as well as the App Gateway, something that would seem to be a lot of effort for a simple requirement - especially as all the Microsoft examples use HTTP at the back end if there is an App Gateway protecting it.

这是一个权宜之计,直到Application Gateway能够正确处理多个Set-Cookie重写为止.

This is all a stop-gap until the Application Gateway is able to handle multiple Set-Cookie rewrites corrrectly.

除了在App Service中禁用强制HTTPS之外,还需要第二件事:

As well as disabling forced HTTPS in the App Service, a second thing was required:

app.UseHttpsRedirection(); 已在Startup.cs文件中设置.

app.UseHttpsRedirection(); had been set in the Startup.cs file.

这将独立于App Service设置强制进行代码重定向.注释掉它会禁用重定向,从而解决了问题.

This forces the redirection in code independently of the App Service setting. Commenting it out disabled the redirection, solving the problem.

相关推荐