I request a URL like this:
http://mylocalsite/virtual/page.aspx?var1=1&var2=2&var3=3
I'm using FormsAuthentication and am unauthenticated, so I'm redirected. This is what the browser location bar shows:
http://mylocalsite/virtual/login.aspx?ReturnUrl=/virtual/page.aspx?var1=1&var2=2&var3=3
In the PageLoad event of login.aspx I try to inspect the URL two ways:
Dim example1 as String = Request.Url
Dim example2 as String = Request.Url.Scheme & "://" & Request.Url.Authority & Request.RawUrl
This is what I get:
' Example 1
http://mylocalsite/virtual/login.aspx?ReturnUrl=/virtual/page.aspx?var1=1&var2=2&var3=3&var1=1&var2=2&var3=3
' Example 2 - is URLEncoded
http://mylocalsite/virtual/login.aspx?ReturnUrl=%2fvirtual%2fpage.aspx%3fvar1%3d1%26var2%3d2%26var3%3d3%26var1%3d1%26var2%3d2%26var3%3d3
Why is my query string doubling up in both of these examples?
This is done by design so you have access to those querystring parameters during login. Those parameters must also be preserved for redirect post-login too - so they are url encoded as well. See the Anatomy of Forms Authentication ReturnUrl for a more detailed explanation.