views:

215

answers:

0

My website is HTTPS and I use a redirect module to change any requests for a HTTP page into an HTTPS page. This works nicely using this...

http://www.codeproject.com/KB/aspnet/WebPageSecurity.aspx

However, the page also gets various script resources as part of the ASP.Net AJAX and Telerik controls e.g.

http://www.mywebsite.co.uk/ScriptResource.axd?d=RZJPznutyCmbbBAHSbKedj3kgUyiK7uBICOoB7IdFt8MWVJ-D-TxNWt-mdkCrv5HGSAToaV2udumFlE1EKBiow2&t=7dbf7a27

As the majority of my site uses HTTPS and then a few GET requests to form the page use HTTP IE8 does not like this at all and prompts the user to only show the content received via HTTPS. If the user does this then the ASP.Net AJAX javascript files are not loaded into the browser and chaos occurs!

Is there a way I can tell ASP.Net or IIS to serve all requests via ScriptResource.axd as HTTPS? I saw on a forum someone saying they had used a handler to do this but no example code was supplied.

Would be really greatful for a pointer in the right direction.

Thanks.