Tusk Software Blog

We are hiring!

Want to work with smart people on great projects? Do you have a strong background in C#, ASP.NET, and/or frontend Javascript frameworks like Angular or Ember, and know how to solve problems and get things done?  Then we'd like to talk to you, because Tusk is hiring. Read on




How to force pages to *not* use SSL in ASP.NET MVC by creating a ForbidHttpsAttribute

Here's a quick one for you.

There are times when you want to require a page be transmitted over TLS (transport layer security) using SSL (secure sockets layer). Anytime you are transmitting sensitive information over the wire, requiring HTTPS is a good idea. We actually require SSL sitewide now because Google encourages it. We'll assume that you already know about the reasons for encrypting traffic and when to do so. However, there are times when you want just the opposite- you want requests to a page to *not* use TLS, just plain old HTTP.

So what are the reasons that you would want to to this?

Read on