Users may be redirected to an undefined page when using the Sitecore Client in Internet Explorer


Description

When using the Sitecore Client in Internet Explorer, after the user session expires, the user may be redirected to a page with the URL like the following one instead of the login page:

http://hostname/sitecore/:///undefined?returnUrl=%2Fsitecore%2Fshell

The following error may also appear:

Exception: System.Web.HttpException
Message: A potentially dangerous Request.Path value was detected from the client (:).
Source: System.Web
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

Solution

To fix this issue, perform the following steps:

  1. Copy the attached Sitecore.Support.437015.dll assembly to the \bin folder.
  2. Copy the attached Sitecore.Support.437015.config file to the \App_Config\Include folder.
  3. Replace the \sitecore\shell\Controls\Sitecore.js file with the attached Sitecore.js.
  4. Navigate to the \sitecore\login\default.aspx file and change its Page directive as follows: 
    <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="Sitecore.Support.sitecore.login.Default" %>
  5. Clear your browser caches and restart the browser.