Michael Schulz writes:
i am trying to redirect a request back to its origin-url after a user authentication using the response.redirect mechanism providing it with the url via http_referer. You know that "HTTP_REFERER" is unreliable (often not there, sometimes faked)?
Pass the required information into the user authentication.
This works well unless the origin-url has a query section appended (e.g. http://www.xxx.yy/origin/url?id=007).
Anybody has experienced the same and found a way how to solve that? No need to say that this query string is essential and it can't be omitted.
Do not use "HTTP_REFERER" but remember URL and QUERY_STRING yourself. Then, perform: <dtml-call "RESPONSE.redirect(RememberedURL+'?'+RememberedQueryString)"> will work for all GET requests. Dieter