user6450463 user6450463 - 1 month ago 6
ASP.NET (C#) Question

Wrong returnURL with Helicon isapi re-write + asp.net LoginStatus

I have got a bit of a strange issue with our website.

We use helicon isapi rewrite on IIS 6.0, the actual rewriting of web addresses works fine. but...
When I try to log in via a asp.net LoginStatus control it redirects to the login.aspx page with a 'returnURL' querystring parameter:

/account/login.aspx?ReturnUrl=%2fwindfarms%2fbarrow-united-kingdom-uk01.html

however for some strange reason it's adding the original none-rewritten querystring parameter to it's returnURL parameter like so:

/account/login.aspx?ReturnUrl=%2fwindfarms%2fbarrow-united-kingdom-uk01.html %3fwindfarmID%3duk01

To clarify, in '.htaccess' file, we have:

RewriteRule [\w\W\s\S-]*-(\w\w\d[\d\w]+)\.html windfarms.aspx?windfarmID=$1 [QSA]


our rewritten web address, would then look like:

barrow-united-kingdom-uk01.html


However when clicking on the asp.net LoginStatus control, it looks like:

/account/login.aspx?ReturnUrl=%2fwindfarms%2fbarrow-united-kingdom-uk01.html%3fwindfarmID%3duk01


Which after logging in successfully ends up looking like this:

/barrow-united-kingdom-uk01.html?windfarmID=uk01


Why is this happening and how can could I prevent this?

thanks all

Update

I have found out that the actual form action method has already changed before hitting the asp.net LoginStatus control, so the html looks like this before pressing the 'Login' button:

<form name="aspnetForm" method="post" action="barrow-united-kingdom-uk01.html?windfarmID=uk01" id="aspnetForm">

Answer

The "ReturnUrl" parameter is returned from your ASP code (even though it is done automatically) and when ASP.NET gets into play the URL is already rewritten to its query string form (that is the purpose of URL rewriting after all). So when server side ASP code sends a login redirect back to the client it uses a rewritten (query string) form of URL. Unfortunately, there is no easy solution to this problem except for the overloading login operation and embedding some logic on the server side to transform URLs back into their friendly form before they are sent to the client.

Or you can write rule before yours to redirect query string form back to rewritten one. This will make it look neat to user and SEO friendliness is not important here as google crawler will unlikely ever log into your site. Please add this before your rule:

RewriteCond %{QUERY_STRING} (.*)windfarmID=[^&]+(.*) [NC]
RewriteRule ([\w\s]*-\w\w\d[\d\w]+\.html) $1?%1%2 [NC,R]
Comments