I have a working .NET MVC application, but when accessing with IE10 on Windows 8 the browser source code shows that all dynamically generated URLs, eg. with Url.Action("Index", "Home") are written as:
/(F(usb6gVWyFnXevozQyFvVxVdbsN0uM9kZ5wNu9gT9pWBINGuodOdzLKkIQzfhqy3UhnCLyXf78LugXZO2UPYfMbNzSJJawmbqUBL56TjKpXgWpiMdVAjB1T3YcPlGhZePwFd6C9P_f_Y89KiDnWcA9EfR1m0ud3IcBYTW8OwZxOMTd8bxt5hM8mgXVN6OSdoo3IMwRA2))/Home/Index
instead of:
/Home/Index
If we write the link with static HTML:
<a href="/Home/Index">[linktext]</a>
IE10 redirects to the login page. The problem is when leaving the site temporarily to go to a partner site that has a link back to the first site. As the injected code is missing the return URL is no longer valid and redirects to the login.
Anybody knows why this code is injected (Framework or IE10 issue?)
That code is part of ASP.NET's cookieless session feature. You can disable it in the web.config <configuration><system.web> section with:
<sessionState cookieless="false" />
Or with:
<forms cookieless="UseCookies" />
I don't know why IE10 is doing that. You could probably add a browser file in app_browsers with updated IE10 info to tell it it supports cookies. Or perhaps you have cookies disabled?
There is a bug in the browser definition files that shipped with .NET 2.0 and .NET 4, namely that they contain definitions for a certain range of browser versions. But the versions for some browsers (like IE 10) aren't within those ranges any more. Therefore, ASP.NET sees them as unknown browsers and defaults to a down-level definition, which has certain inconveniences, like that it does not support features like JavaScript and/or cookies.
Microsoft released hotfixes that correct the issue.
- .NET 4 - http://support.microsoft.com/kb/2600088
- .NET 2.0
- http://support.microsoft.com/kb/2600100 for Win7 SP1/Windows Server 2008 R2 SP1, Windows Vista/Server 2008, Windows XP/Server 2003
- http://support.microsoft.com/kb/2608565 for Win7/Windows Server 2008 R2 RTM
(Source)
Add your web.config file to cookieless="UseCookies" like this;
<authentication mode="Forms">
<forms loginUrl="~/YourLoginUrl" timeout="2880" **cookieless="UseCookies"** />
</authentication>
This solve quoted from this link; https://stackoverflow.com/a/15510453/2057154
来源:https://stackoverflow.com/questions/12228704/ie10-injects-token-into-net-mvc-links