user6450463 user6450463 - 1 month ago 6
ASP.NET (C#) Question

Wrong returnURL with Helicon isapi re-write + LoginStatus

I have got a bit of a strange issue with our website.

We use helicon isapi rewrite on IIS 6.0, the actual rewriting of web addresses works fine. but...
When I try to log in via a LoginStatus control it redirects to the login.aspx page with a 'returnURL' querystring parameter:


however for some strange reason it's adding the original none-rewritten querystring parameter to it's returnURL parameter like so:

/account/login.aspx?ReturnUrl=%2fwindfarms%2fbarrow-united-kingdom-uk01.html %3fwindfarmID%3duk01

To clarify, in '.htaccess' file, we have:

RewriteRule [\w\W\s\S-]*-(\w\w\d[\d\w]+)\.html windfarms.aspx?windfarmID=$1 [QSA]

our rewritten web address, would then look like:


However when clicking on the LoginStatus control, it looks like:


Which after logging in successfully ends up looking like this:


Why is this happening and how can could I prevent this?

thanks all


I have found out that the actual form action method has already changed before hitting the LoginStatus control, so the html looks like this before pressing the 'Login' button:

<form name="aspnetForm" method="post" action="barrow-united-kingdom-uk01.html?windfarmID=uk01" id="aspnetForm">


The "ReturnUrl" parameter is returned from your ASP code (even though it is done automatically) and when ASP.NET gets into play the URL is already rewritten to its query string form (that is the purpose of URL rewriting after all). So when server side ASP code sends a login redirect back to the client it uses a rewritten (query string) form of URL. Unfortunately, there is no easy solution to this problem except for the overloading login operation and embedding some logic on the server side to transform URLs back into their friendly form before they are sent to the client.

Or you can write rule before yours to redirect query string form back to rewritten one. This will make it look neat to user and SEO friendliness is not important here as google crawler will unlikely ever log into your site. Please add this before your rule:

RewriteCond %{QUERY_STRING} (.*)windfarmID=[^&]+(.*) [NC]
RewriteRule ([\w\s]*-\w\w\d[\d\w]+\.html) $1?%1%2 [NC,R]