WebForms 网站的身份在自动重定向 URL 中省略了“.aspx”
-
20-12-2019 - |
题
我有一个使用 ASP.NET Identity 进行身份验证的 WebForms 站点。如果我尚未登录该网站,它会自动尝试将我重定向到登录页面。然而,它省略了 URL 的“.aspx”部分,所以我留下了 http://localhost:10684/Login?ReturnUrl=...
. 。由于用户无权访问 /Login
(没有 .aspx),它会一次又一次自动重定向,直到 Chrome 停止它并说存在重定向循环。
我能否深入了解可能导致此问题的原因?
这是我在尝试访问时停止后留下的完整网址 http://localhost:10684/Default.aspx
:
http://localhost:10684/Login?ReturnUrl=%2FLogin%3FReturnUrl%3D%252FLogin%253FReturnUrl%253D%25252FLogin%25253FReturnUrl%25253D%2525252FLogin%2525253FReturnUrl%2525253D%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FLogin%252525252525252525252525252525252525253FReturnUrl%252525252525252525252525252525252525253D%25252525252525252525252525252525252525252FDefault.aspx
解决方案
检查您的 web.config 的身份验证设置,例如:
<authentication mode="Forms">
<forms loginUrl="/Login" />
</authentication>
可能会缺少 .aspx
扩大:
<authentication mode="Forms">
<forms loginUrl="/Login.aspx" />
</authentication>
同样,如果重定向 URL 是在某个位置的代码隐藏中定义的,请检查是否提供了扩展。搜索以下实例 /Login
或者 ~/Login
在源代码中查看可能引用它的位置。