public void ValidateRequestSecurity()
{
var useSSL = BehaviorsConfiguration.HTTPSecurity == HTTPSecurity.SSL;
if (useSSL || ShouldEnforceSecureRequests(AppInfo.GetAppInfo()))
{
if (!RuntimePlatformUtils.RequestIsSecure(HttpContext.Current.Request, !useSSL))
{
throw new ExposeRestException("HTTPS connection required.", HttpStatusCode.Forbidden);
}
}
if (BehaviorsConfiguration.InternalAccessOnly)
{
if (!RuntimePlatformUtils.InternalAddressIdentification(HttpContext.Current.Request))
{
throw new ExposeRestException("Access Denied.", HttpStatusCode.Forbidden);
}
}
}
