How to remove returnurl from url?

前端 未结 10 569
梦谈多话
梦谈多话 2020-11-28 08:54

I want to remove \"returnurl=/blabla\" from address bar when a user want to access to a login required page. Because I\'m trying to redirect the user to a static page after

相关标签:
10条回答
  • 2020-11-28 08:58

    You can use the HttpUtility.ParseQueryString to remove that element. If you use VB.NET then this code does this

    Dim nvcQuery As NameValueCollection
    Dim strQuery As String = ""
    
    If Not IsNothing(Request.QueryString("ReturnUrl")) Then
        If Request.QueryString("ReturnUrl").Length Then
            nvcQuery = HttpUtility.ParseQueryString(Request.QueryString.ToString)
            For Each strKey As String In nvcQuery.AllKeys
                If strKey <> "ReturnUrl" Then
                    If strQuery.Length Then strQuery += "&"
                    strQuery += strKey + "=" + nvcQuery(strKey)
                End If
            Next
            If strQuery.Length Then strQuery = "?" + strQuery
            If Request.CurrentExecutionFilePath <> "/default.aspx" Then
                Response.Redirect(Request.CurrentExecutionFilePath + strQuery)
            Else
                Response.Redirect("/" + strQuery)
            End If
            Response.Write(Server.HtmlEncode(strQuery))
        End If
    End If
    

    I would put this in the Page.Init event - obviously you will need to change the "/default.aspx" to match the URL of your login page.

    0 讨论(0)
  • 2020-11-28 09:02

    Add a location tag to your web.config. If your page is in a subdirectory, add the web.config to the subdirectory.

    <location path="ForgotPassword.aspx">
        <system.web>
            <authorization>
                <allow users="*"/>
            </authorization>
        </system.web>
    </location>
    

    ASP will overlook adding the ReturnUrl querystring and directing to login.

    0 讨论(0)
  • 2020-11-28 09:03

    Create a custom Authorize Attribute

    public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(
                            AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
    
            if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                string loginUrl = "/"; // Default Login Url 
                filterContext.Result = new RedirectResult(loginUrl);
            }
        }
    }
    

    then use it on your controller

    [CustomAuthorizeAttribute]
    public ActionResult Login()
    {
    
    
        return View();
    }
    
    0 讨论(0)
  • 2020-11-28 09:05

    This is the nature of Forms Authentication. (which im guessing you're using).

    That is, when you access a page which requires authentication, ASP.NET will redirect you to the login page, passing in the ReturnUrl as a parameter so you can be returned to the page you came from post-login.

    To remove this functionality would break the semantics and design of Forms Authentication itself. (IMO)

    My suggestion - if you dont need it, dont use it.

    I'm trying to redirect the user to a static page after login to do some selections.

    Piece of cake - after you've done your login, instead of doing FormsAuthentication.RedirectFromLoginPage (which uses that very ReturnUrl QueryString parameter), just use FormsAuthentication.SetAuthCookie and redirect wherever you want.

    0 讨论(0)
  • 2020-11-28 09:06

    Simple...

    [AllowAnonymous]
    public ActionResult Login() { return View(); }
    
    [AllowAnonymous]
    public ActionResult LoginRedirect(){ return RedirectToAction("Login"); }
    

    Webconfig

    <authentication mode="Forms">
        <forms loginUrl="~/Account/LoginRedirect" timeout="2880" />
    </authentication>
    
    0 讨论(0)
  • 2020-11-28 09:10

    Add this to your Global.asax file.

    public class MvcApplication : HttpApplication {
    
      private const String ReturnUrlRegexPattern = @"\?ReturnUrl=.*$";
    
      public MvcApplication() {
    
        PreSendRequestHeaders += MvcApplicationOnPreSendRequestHeaders;
    
      }
    
      private void MvcApplicationOnPreSendRequestHeaders( object sender, EventArgs e ) {
    
        String redirectUrl = Response.RedirectLocation;
    
        if ( String.IsNullOrEmpty(redirectUrl) 
             || !Regex.IsMatch( redirectUrl, ReturnUrlRegexPattern ) ) {
    
          return;
    
        }
    
        Response.RedirectLocation = Regex.Replace( redirectUrl, 
                                                   ReturnUrlRegexPattern, 
                                                   String.Empty );
    
      }
    
    0 讨论(0)
提交回复
热议问题