0

I have a class which i inherit to all pages to check if session timeouts then redirect to login page here is the code

public class WMUserBase:System.Web.UI.Page
{
    public WMUserBase()
    {

    }
    protected override void OnLoad(System.EventArgs e)
    {
        CheckSecurity();
        base.OnLoad(e);
    }
    public virtual void CheckSecurity()
    {
        if (Session["WMuserId"] == null || Session["WMuserId"].ToString() == "")
        {
            Response.Redirect("Login.aspx?ReturnUrl=" + HttpContext.Current.Request.Url.AbsoluteUri);
        }
    }
}

Every page inherit this class and if session timeouts then page is redirected to login page now i used
Response.Redirect("Login.aspx?ReturnUrl=" + HttpContext.Current.Request.Url.AbsoluteUri); but if my querystring has two parameters for eg http://localhost/mala3ibnav2/WeeklyManager/TeamSetup.aspx?Gid=MTQ=&Mid=Mg== in AbsoluteUril &Mid=Mg== is sometimes skipped not always.
Here is the code for Login Page login button click event

 if(string.IsNullOrEmpty(ReturnUrl))
                {
                    Response.Redirect("Default.aspx");
                }
                else
                {
                    Response.Redirect(ReturnUrl);
                }

Now why second parameter is skipped in querystring and what else should I is use instead of HttpContext.Current.Request.Url.AbsoluteUri

4

1 回答 1

2

您必须对网址进行编码:

Response.Redirect("Login.aspx?ReturnUrl=" + HttpUtility.UrlEncode(HttpContext.Current.Request.Url.AbsoluteUri));

如果您使用表单身份验证,则可以将身份验证超时设置为比会话超时少一分钟。然后您不必自己编写代码,因为 ASP.NET 会在超时后自动将用户重定向到登录页面。

于 2013-06-25T10:00:57.733 回答