Export (0) Print
Expand All

FormsAuthentication::GetRedirectUrl Method

Returns the redirect URL for the original request that caused the redirect to the login page.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public:
static String^ GetRedirectUrl(
	String^ userName, 
	bool createPersistentCookie
)

Parameters

userName
Type: System::String

The name of the authenticated user.

createPersistentCookie
Type: System::Boolean

This parameter is ignored.

Return Value

Type: System::String
A string that contains the redirect URL.

You can use this method when you want to perform the redirect in your application code instead of using the RedirectFromLoginPage method.

The GetRedirectUrl method returns the URL specified in the query string using the ReturnURL variable name. For example, in the URL http://www.contoso.com/login.aspx?ReturnUrl=caller.aspx, the GetRedirectUrl method returns the return URL caller.aspx. If the ReturnURL variable does not exist, the GetRedirectUrl method returns the URL in the DefaultUrl property.

ASP.NET automatically adds the return URL when the browser is redirected to the login page.

By default, the ReturnUrl variable must refer to a page within the current application. If ReturnUrl refers to a page in a different application or on a different server, the GetRedirectUrl methods returns the URL in the DefaultUrl property. If you want to allow the return URL to refer to a page outside the current application, you must set the EnableCrossAppRedirects property to true using the enableCrossAppRedirects attribute of the forms configuration element.

Security noteSecurity Note

Setting the EnableCrossAppRedirects property to true to allow cross-application redirects is a potential security threat. For more information, see the EnableCrossAppRedirects property.

The following code example redirects authenticated users to the URL returned from the GetRedirectUrl method.

Security noteSecurity Note

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

No code example is currently available or this language may not be supported.

.NET Framework

Supported in: 4.6, 4, 3.5, 3.0, 2.0, 1.1, 1.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft