With the ASP.NET Core 2.1 release, we included UseHsts
and UseHttpRedirection
by default. These methods put a site into an infinite loop if deployed to an Azure Linux App Service, Azure Linux virtual machine (VM), or behind any other reverse proxy besides IIS. TLS is terminated by the reverse proxy, and Kestrel isn’t made aware of the correct request scheme.
June 20th, 2019
Forwarded Headers Middleware Updates in .NET Core 3.0 preview 6
Category
0 comments