Issue
I don’t quite get the difference between UseHsts and UseHttpsRedirection in the configure section of the startup file in .net core. Could anyone explain?
Solution
According to the documentation you should use both together:
We recommend all production ASP.NET Core web apps call:
- The HTTPS Redirection Middleware (UseHttpsRedirection) to redirect all HTTP requests to HTTPS.
- UseHsts, HTTP Strict Transport Security Protocol (HSTS).
The .UseHttpsRedirection() will issue HTTP response codes redirecting from http to https. The .UseHsts() will add the HSTS response header which the client is supposed to obey.
Answered By – Nate
Answer Checked By – Gilberto Lyons (BugsFixing Admin)