如何在注销时删除 ?ReturnToUrl 查询字符串？

发布于 2024-08-04 03:42:14 字数 695 浏览 3 评论 0原文

我的 LoginControl.ascx 代码中有这样的内容：

protected void Logout_Click(object sender, EventArgs e)
{
    FormsAuthentication.SignOut();
    Session.Abandon();
    FormsAuthentication.RedirectToLoginPage();
    Response.End;
    //Response.Redirect("default.aspx");
}

我期望在注销时用户将被重定向到登录页面（在本例中为 default.aspx），并且将附加NO查询字符串。相反，我在 URL 上看到的是：

http://kab.domain.com/default.aspx?ReturnUrl=%2fAdministration%2fCharacter%2fView.aspx

现在，注销后，我想以另一个人的身份登录（具有较小的权限），成功登录后，它会将我重定向到此新登录无权访问的页面看！ <咕噜>>

我意识到“普通”用户永远不会遇到这个问题，但测试用户会遇到这个问题，而且就他们而言，这是一个错误。

即使使用 Response.Redirect，我仍然得到查询字符串。如何在注销时删除查询字符串？？？

原文

I have this in my LoginControl.ascx code behind:

protected void Logout_Click(object sender, EventArgs e)
{
    FormsAuthentication.SignOut();
    Session.Abandon();
    FormsAuthentication.RedirectToLoginPage();
    Response.End;
    //Response.Redirect("default.aspx");
}

I expected that on logout the user would be redirected to the login page (default.aspx in this case) and there would be NO query string attached. Instead, what I see on the URL is:

http://kab.domain.com/default.aspx?ReturnUrl=%2fAdministration%2fCharacter%2fView.aspx

So now, after logging out, I want to log in as another person (with lesser privileges) and on a successful login it redirects me to a page that this new login does not have permissions to see! <grrr />

I realize that the "normal" user will never run into this issue but the test users do and it is a bug as far as they are concerned.

Even with the Response.Redirect I still get the query string. How do I get rid of the query string at logout???

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

星 2024-08-11 03:42:14

试试这个：

Response.Redirect(FormsAuthentication.LoginUrl);

Try this:

Response.Redirect(FormsAuthentication.LoginUrl);

回复收藏 0 原文

咆哮 2024-08-11 03:42:14

public partial class MasterPage : System.Web.UI.MasterPage
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void signout_Click(object sender, EventArgs e)
    {
      Response.Write("<script language=javascript>var wnd=window.open('','newWin','height=1,width=1,left=900,top=700,status=no,toolbar=no,menubar=no,scrollbars=no,maximize=false,resizable=1');</script>");
      Response.Write("<script language=javascript>wnd.close();</script>");
      Response.Write("<script language=javascript>window.open('login.aspx','_parent',replace=true);</script>");
      Session["name"] = null;
    }
}

我还在所有页面上添加了此代码。

protected void Page_Load(object sender, EventArgs e)
    {
      Response.Cache.SetCacheability(HttpCacheability.NoCache);
      Response.Cache.SetAllowResponseInBrowserHistory(false);
    }
}

public partial class MasterPage : System.Web.UI.MasterPage
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void signout_Click(object sender, EventArgs e)
    {
      Response.Write("<script language=javascript>var wnd=window.open('','newWin','height=1,width=1,left=900,top=700,status=no,toolbar=no,menubar=no,scrollbars=no,maximize=false,resizable=1');</script>");
      Response.Write("<script language=javascript>wnd.close();</script>");
      Response.Write("<script language=javascript>window.open('login.aspx','_parent',replace=true);</script>");
      Session["name"] = null;
    }
}

I'm also adding on all page this code.

protected void Page_Load(object sender, EventArgs e)
    {
      Response.Cache.SetCacheability(HttpCacheability.NoCache);
      Response.Cache.SetAllowResponseInBrowserHistory(false);
    }
}

回复收藏 0 原文

~没有更多了~