HTTPS 否定无效

Question

我有这个网站 "localhost"。我希望除 "localhost/order.aspx?r=15" 之外的所有页面都应具有 https。这里的问题是它将所有页面重定向到 HTTPS，包括 "localhost/order.aspx?r=15"。我也试过这样的模式 "^/localhost/order.aspx$"

 <rule name="Force HTTPS" stopProcessing="true">
    <match url="(.*)" />
    <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
    <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    <add input="{REQUEST_URI}" pattern="(order.*)" ignoreCase="true" negate="true" />
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
    </rule>

Answer 1

所以我修复了它。清除浏览器缓存，因为浏览器通常会记住 HTTPS 路径。并尝试检索 HTTPS，即使您仅提供 HTTP。我会推荐使用 IE 来测试这个。

像这样更新规则。

<rule name="NoSSL - folder" enabled="true" stopProcessing="true">
   <match url="order.*" />
   <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
   </conditions>
   <action type="None" />
</rule>
<rule name="Redirect to HTTPS" enabled="true" stopProcessing="true">
    <match url="(.*)" />
    <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
        <add input="{HTTPS}" pattern="off" />
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>

HTTPS 否定无效

HTTPS negate not working

iis-7

url-rewriting

iis-8