Reputation: 14382
Forms authentication appends return url even though there is no return url
I use forms authentication in web application. I have this in my config file. I use IIS 7
<forms loginUrl="~/Account/Login.aspx" cookieless="UseCookies" protection="All"
name=".ASPXAUTH" timeout="60" requireSSL="false" slidingExpiration="true"
enableCrossAppRedirects="false" defaultUrl="~/Dashboard.aspx" />
When i enter my site's url in the address bar it redirects me to
Account/Login.aspx?ReturnUrl=%2f instead of Account/Login.aspx
I don't know what the reason is , but when i use IIS 5.1 everything works fine.
Please help me.
Upvotes: 1
Views: 2401
Answers (2)
Reputation: 343
One option is to hide the URL in the browser address bar:
<script>
if (history.replaceState) {
history.replaceState({}, document.title, '//' + location.host + location.pathname);
}
</script>
Upvotes: 1
Reputation: 31394
Forms authentication redirection puts the source URL into the login.aspx request as a parameter so it can return the user the to the page they entered. %2f = /, e.g. the root of your site. If you had entered the www.example.com/coolstuff.aspx your ReturnUrl parameter would be '%2fcoolstuff.aspx'.
Nothing is wrong, that is how forms authentication is suppose to work.
Upvotes: 1
Related Questions
- How to remove returnurl from url?
- ASP.NET MVC 3 FormsAuthentication ReturnURL
- ASP.net forms authentication setting returnURL on a link when user is already logged in
- ReturnUrl is always null after login
- Accessing login page appends ReturnUrl on IIS?
- Authorize attribute ReturnUrl not working as expected
- Can forms authentication ignore returnUrl
- Defining a forms auth path erratically redirecting to ReturnUrl after logon
- Forms Authentication adding additional information along with ReturnUrl
- Disable the Return URL in Form Authentication