开发Asp.net网站, 开发网站使用Form验证, 需要在Web.config中加入如下节点
<
authentication
mode
="Forms"
>
< forms loginUrl ="~/Public/Login" timeout ="30" />
</ authentication >
< forms loginUrl ="~/Public/Login" timeout ="30" />
</ authentication >
打开带有参数的页面时,如果未登录或登录已超时,会自动跳转到Login页面, 但是当输入完用户名密码后, 如果使用 this.HttpContext.Request.UrlReferrer 获取之前的页面就会发现获取到的Url中包含重复的参数列表.
至于为什么会出现重复,可以参考:
http://blogs.msdn.com/b/vijaysk/archive/2008/01/24/anatomy-of-forms-authentication-return-url.aspx
可以这样获得没有重复的Url:
var urlPathAndQuery =
this.HttpContext.Request.UrlReferrer.PathAndQuery;
var returnUrlIndex = urlPathAndQuery.IndexOf( " ReturnUrl= ");
if (returnUrlIndex > - 1)
{
var parameterIndex = urlPathAndQuery.IndexOf( " & ");
string returnUrl = parameterIndex == - 1 ? urlPathAndQuery.Substring(returnUrlIndex + 10) : urlPathAndQuery.Substring(returnUrlIndex + 10, parameterIndex - (returnUrlIndex + 10));
returnUrl = Server.UrlDecode(returnUrl);
bool isNotLogoutUrl = returnUrl.IndexOf( " Logout ") == - 1;
if (isNotLogoutUrl)
{
return returnUrl;
}
}
var returnUrlIndex = urlPathAndQuery.IndexOf( " ReturnUrl= ");
if (returnUrlIndex > - 1)
{
var parameterIndex = urlPathAndQuery.IndexOf( " & ");
string returnUrl = parameterIndex == - 1 ? urlPathAndQuery.Substring(returnUrlIndex + 10) : urlPathAndQuery.Substring(returnUrlIndex + 10, parameterIndex - (returnUrlIndex + 10));
returnUrl = Server.UrlDecode(returnUrl);
bool isNotLogoutUrl = returnUrl.IndexOf( " Logout ") == - 1;
if (isNotLogoutUrl)
{
return returnUrl;
}
}