I can access the querystring variable on a GET request, but not a POST

Question

If I try and access a webpage that has a filter that checks for authentication, it redirects to the login page when I am surfing anonymous. So the URL may look like:

www.example.com/user/login?ReturnUrl=/user/settings

My Login action has 2 methods, when for GET and one for POST request types.

[AcceptVerbs("GET")
public ActionResult Login()
{
}
[AcceptVerbs("POST")
public ActionResult Login(FormCollection f)
{
}

The following code is in both the GET and POST login action:

 string redirectUrl = "";

 if(Request.QueryString["ReturnUrl"] != null)
 {
  redirectUrl = Request.QueryString["ReturnUrl"];
 }

When in debug mode, the variable is initialized properly in the GET action, but in the POST action it just skips the call, which means it is NULL.

Why is this? The ReturnUrl is still visible in the url?

Answer 1

in case of POST request, check Request.Form["returnUrl"] property

Answer 2

Have a look here at the HttpContext.Request object.

There is lots of useful information returned available in either a GET or POST request.

http://msdn.microsoft.com/en-us/library/system.web.httprequest_members.aspx

Answer 3

Mixing query string parameters with a POST is technically not RFC-compliant, you're supposed to do one or the other, but not both. (Having said that I've not come across a browser / web-server that doesn't allow this).

If you wanted to do it "properly" you'd have the ReturnUrl as a hidden input field on the form and retrieve it along with the other form variables on the server.