0

我有一个使用基于表单的身份验证的 MVC 网站,我将它与 IIS-10 结合使用。当我部署该站点并尝试访问该站点时,我得到了一个格式错误的 returnURL,这会导致 404,下面显示了一个示例。

http://MyWebSite:8080/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin %252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin% 7个字符到2个,总共5个字符。

当我在 Visual Studio 2017 上以调试或发布模式运行该站点时,一切正常。Account 控制器添加了一个 [AllowAnonymous] 装饰器

查看 IIS 日志,我看到在发出总共 23 302 个请求的初始请求之后,其中连接返回 URL 直到遇到 404。这是前几个日志条目

2018-01-31 15:58:18 10.153.60.112 GET /Account/Index - 8080 - 192.168.5.158 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+Trident/7.0;+rv:11.0)+like +壁虎 - 302 0 0 3

2018-01-31 15:58:18 10.153.60.112 GET /Account/Login ReturnUrl=%2FAccount%2FIndex 8080 - 192.168.5.158 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+Trident/7.0;+rv :11.0)+点赞+壁虎 - 302 0 0 3

2018-01-31 15:58:18 10.153.60.112 GET /Account/Login ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FIndex 8080 - 192.168.5.158 Mozilla/5.0+(Windows+NT+10.0;+WOW64 ;+三叉戟/7.0;+rv:11.0)+like+壁虎 - 302 0 0 3

2018-01-31 15:58:18 10.153.60.112 GET /Account/Login ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FIndex 8080 - 192.16 Mozilla/Mozilla/Mozilla/5.16 Windows+NT+10.0;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 302 0 0 4

2018-01-31 15:58:18 10.153.60.112获取 /帐户 /login returnurl =%2facCount%2flogin%2flogin%3DDD%252FacCount%252FLOGIN%252flogin%253FRETURNURL%253FRETURNURL%253d%252522522525252525252525252525252525252525252525252525252525252525252525252525252525252ffLET; 192.168.5.158 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 302 0 0 3

有任何想法吗?

更新

感谢@stephen.vakil 在下面的评论中解决了这个问题 - 一旦我在 IIS 中启用了除了表单身份验证之外的匿名身份验证,一切都按预期工作。

4

0 回答 0