FormsAuthentication.RedirectFromLoginPage Method (String, Boolean)
Redirects an authenticated user back to the originally requested URL or the default URL.
Assembly: System.Web (in System.Web.dll)
public static void RedirectFromLoginPage( string userName, bool createPersistentCookie )
The return URL specified in the query string contains a protocol other than HTTP: or HTTPS:.
The http://www.contoso.com/login.aspx?ReturnUrl=caller.aspx, the method redirects tothe return URL caller.aspx. If the ReturnURL variable does not exist, the method redirects to the URL in the DefaultUrl property.method redirects to the URL specified in the query string using the ReturnURL variable name. For example, in the URL
ASP.NET automatically adds the return URL when the browser is redirected to the login page.
By default, the ReturnUrl variable must refer to a page within the current application. If ReturnUrl refers to a page in a different application or on a different server, the DefaultUrl property. If you want to allow redirects to a page outside the current application, you must set the EnableCrossAppRedirects property to true using the enableCrossAppRedirects attribute of the configuration element.methods redirects to the URL in the
If the CookiesSupported property is true, and either the ReturnUrl variable is within the current application or the EnableCrossAppRedirects property is true, then the method issues an authentication ticket and places it in the default cookie using the SetAuthCookie method.
If CookiesSupported is false and the redirect path is to a URL in the current application, the ticket is issued as part of the redirect URL. If CookiesSupported is false, EnableCrossAppRedirects is true, and the redirect URL does not refer to a page within the current application, the method issues an authentication ticket and places it in the QueryString property.
Legacy Code Example
The following code example redirects validated users to either the originally requested URL or the DefaultUrl. The code example uses ASP.NET membership to validate users. For more information about ASP.NET membership, see Managing Users by Using Membership.
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
Available since 1.1