Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Tomasz Kowalski 135 posts 445 karma points
    Nov 04, 2022 @ 12:47
    Tomasz Kowalski
    0

    Force HTTPS in BeginPaymentForm when using Invoicing payment method

    Hi,

    Vi have a customer that runs all their websites with "proxy" HTTPS. Actually I don't know, if it is the correct name, but thing is, that ther are only HTTP bindings in IIS and HTTPS is "added" on-the-fly.

    The problem is that Umbraco thinks that it runs on HTTP and all URLs which are not relative, uses HTTP. That means, that even though site shows HTTPS in adress bar, url in the form action is with "http". And the webbrowser complains about sending data through unsafe connection.

    enter image description here

    It works fine with external payment providers. The problem is only with Invoicing payment method.

    Is there anything I can do to force HTTPS on the action URL?

    I'm using Umbraco 10.3.2 and Vendr 3.0.3

    Kind regards

    Tomasz

  • Matt Brailsford 4125 posts 22223 karma points MVP 9x c-trib
    Nov 04, 2022 @ 13:56
    Matt Brailsford
    0

    Hi Thomasz,

    If you are using proxies like this you need to ensure the X-Forwarded-Proto and X-Forwarded-Host headers are set. With both these set to whatever your proxy is using Vendr will use those when generating payment provider URLs

  • Tomasz Kowalski 135 posts 445 karma points
    Nov 07, 2022 @ 09:45
    Tomasz Kowalski
    0

    Hi Matt,

    It doesn't really help :( I've added these to headers, but payment form's action still uses http.

    enter image description here

    enter image description here

    Unless I'm doing something wrong...

    I'll try to dig in it by my self, but any ideas are appreciated :)

    Kind regards

    Tomasz

  • Matt Brailsford 4125 posts 22223 karma points MVP 9x c-trib
    Nov 07, 2022 @ 10:09
    Matt Brailsford
    0

    Hmm, that should work then as far as I can tell.

    If it helps, this is the code we use to get the base URL for the payment provider URLs

    var request = _httpContextAccessor.HttpContext.Request;
    
    var xForwardedProto = true;
    var xForwardedHost = true;
    
    string scheme = request.Headers["X-Forwarded-Proto"];
    if (scheme.IsNullOrWhiteSpace())
    {
        scheme = request.GetScheme();
        xForwardedProto = false;
    }
    
    string host = request.Headers["X-Original-Host"];
    if (host.IsNullOrWhiteSpace())
    {
        host = request.Headers["X-Forwarded-Host"];
        if (host.IsNullOrWhiteSpace())
        {
            host = request.GetHost();
            xForwardedHost = false;
        }
    }
    
    int port = int.Parse("0" + request.Headers["X-Forwarded-Port"]);
    if (port == 0)
    {
        string cfVisitor = request.Headers["CF-Visitor"];
        if (!cfVisitor.IsNullOrWhiteSpace())
        {
            port = cfVisitor.InvariantContains("https") ? 443 : 80;
        }
        else
        {
            port = xForwardedHost
                ? xForwardedProto
                    ? scheme.InvariantEquals("https") ? 443 : 80
                    : 80
                : request.GetPort();
        }
    }
    
    var baseUrl = new UriBuilder(scheme, host, port).Uri;
    

    Maybe if you run that on a request with your headers set you can see where it's getting routed and if something is getting missed?

  • Matt Brailsford 4125 posts 22223 karma points MVP 9x c-trib
    Nov 08, 2022 @ 09:11
    Matt Brailsford
    100

    Actually, i've just realized, the support for X-Forwarded-Host was only recently added and isn't yet deployed so I think you'd need to have X-Original-Host set instead

  • Tomasz Kowalski 135 posts 445 karma points
    Nov 21, 2022 @ 10:42
    Tomasz Kowalski
    1

    Hi again,

    It took the time to communicate with the customer, and set both headers to correct values, but it works perfect now.

    Thank you for assistance! 5hyr! :)

    Kind regards

    Tomasz

Please Sign in or register to post replies

Write your reply to:

Draft