How to avoid open-redirect vulnerability and safely redirect on successful login (HINT: ASP.NET MVC 2 default code is vulnerable)

Question

Normally, when a site requires that you are logged in before you can access a certain page, you are taken to the login screen and after successfully authenticating yourself, you

Answer 1

You could always keep a record of the previous page with TempData when the user is not authenticated and use that to redirect to the previous page instead of a url parameter.