Password protection page removes query string from url

[eleniaidonidou]

Describe the bug

I have enabled password protection for a Static Web App for the stage environments. The problem is that the login screen that azure shows for Authentication removes the query string params.

To Reproduce Steps to reproduce the behavior:

1. Go to Azure Static Web App > Configuration > General Settings
2. Enable password protection and set up a password
3. Go back to your website and try to open a url with query params eg. www.mysite.com/test?param=1
4. You are redirected to www.mysite.com/.auth/basicAuth/login?originalPath=test
5. Query string "?param=1" is now lost, so after you enter password you are lead to www.mysite.com/test

Expected behavior I would expect to be redirected to sth like www.mysite.com/.auth/basicAuth/login?originalPath=test&originalSearch=param=1 so that information in the query string is preserved.

[jlev]

This is also causing a problem for my site, where I'd like to use auth0 for an admin page. Right now the callback from auth0 includes a token on successful login, but the basicAuth page is stripping it on redirect. I only use password protection on my dev and staging instance, so that it's live for testing but not available publically.

Is there a way to disable the password protection just for a single route? Or ensure that the params are passed through the basicAuth page?

[jlev]

I ended up having to enable AAD protection for my dev and staging apps, and then allowing anonymous access to the routes that are needed for auth0. Kind of messy, but it does work.

Would be great to be able to use just basic auth for simpler use cases. Seems like a straightforward bug to fix by maintaining the url parameters.

[twitthoeft-gls]

Just got bit by this too! +1 for a fix!