feat: redirect www.essentialcsharp.com to apex domain (#1109)

BenjaminMichaelis · web-flow · commit 8fd1dd0d7c20 · 2026-05-15T19:43:50.000-07:00
## Problem \www.essentialcsharp.com\ currently returns a 404 (HTTP) or connection reset (HTTPS) because the Azure Container App doesn't handle the \www\ hostname. ## Solution Adds a **301 permanent redirect** in the production middleware pipeline that strips the \www.\ prefix and redirects to the apex domain (\�ssentialcsharp.com\). ### Key details - **Production only** — inside the \!IsDevelopment()\ block, local dev is unaffected - **After \UseForwardedHeaders\** — so the real \Host\ header is readable behind the ACA ingress proxy - No new dependencies ## Required Azure change (separate) \www.essentialcsharp.com\ must be bound as a custom domain on the Azure Container App so traffic reaches the app at all (Azure will also provision a managed TLS cert).
diff --git a/EssentialCSharp.Web/Program.cs b/EssentialCSharp.Web/Program.cs
@@ -443,6 +443,17 @@ await context.HttpContext.Response.WriteAsync(
         // Configure the HTTP request pipeline.
         if (!app.Environment.IsDevelopment())
         {
+            SiteSettings siteSettings = app.Services.GetRequiredService<IOptions<SiteSettings>>().Value;
+            if (!Uri.TryCreate(siteSettings.BaseUrl, UriKind.Absolute, out Uri? configuredBaseUri))
+            {
+                throw new InvalidOperationException($"Invalid {SiteSettings.SectionName}:{nameof(SiteSettings.BaseUrl)} value: '{siteSettings.BaseUrl}'.");
+            }
+            string apexHost = configuredBaseUri.Host.StartsWith("www.", StringComparison.OrdinalIgnoreCase)
+                ? configuredBaseUri.Host[4..]
+                : configuredBaseUri.Host;
+            string wwwHost = $"www.{apexHost}";
+            string redirectAuthority = new UriBuilder(configuredBaseUri) { Host = apexHost }.Uri.GetLeftPart(UriPartial.Authority);
+
             app.UseExceptionHandler(exceptionApp =>
             {
                 exceptionApp.Run(async context =>
@@ -506,6 +517,19 @@ await McpJsonRpcResponseWriter.WriteErrorAsync(
             app.UseSecurityHeadersMiddleware(new SecurityHeadersBuilder()
                 .AddDefaultSecurePolicy()
                 .AddContentSecurityPolicy(csp));
+
+            // Redirect configured www host to configured apex host (permanent 301).
+            // Must be after UseForwardedHeaders so the Host header reflects the real hostname.
+            app.Use(async (context, next) =>
+            {
+                if (string.Equals(context.Request.Host.Host, wwwHost, StringComparison.OrdinalIgnoreCase))
+                {
+                    string redirectUrl = $"{redirectAuthority}{context.Request.PathBase}{context.Request.Path}{context.Request.QueryString}";
+                    context.Response.Redirect(redirectUrl, permanent: true);
+                    return;
+                }
+                await next(context);
+            });
         }
         else
         {
