undo r39947. See bugzilla #73073.

svn path=/trunk/mcs/; revision=41298

mcs/class/System.Web/System.Web.Security/ChangeLog

@@ -9,11 +9,6 @@
 	password in SHA1 and MD5. Thanks to Tadas Dailyda.
 	Lock on a static object instead of typeof(FormsAuthentication).
 
-2005-02-01 Gonzalo Paniagua Javier <[email protected]>
-
-	* FormsAuthenticationModule.cs: allow accessing other files in the
-	directory where the login page is. Fixes bug #71871.
-
 2004-11-18 Lluis Sanchez Gual <[email protected]>
 
 	* RoleProvider.cs, Roles.cs, SqlRoleProvider.cs, RoleProviderCollection.cs,

mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs

@@ -29,7 +29,6 @@
 //
 
 using System;
-using System.IO;
 using System.Security.Principal;
 using System.Text;
 using System.Web;
@@ -50,13 +49,6 @@ namespace System.Web.Security
 			app.EndRequest += new EventHandler (OnEndRequest);
 		}
 
-		bool CheckIfSkip (string loginPath, string requestPath)
-		{
-			string realLogin = Path.GetDirectoryName (loginPath);
-			string realRequest = Path.GetDirectoryName (requestPath);
-			return (realLogin == realRequest);
-		}
-
 		void OnAuthenticateRequest (object sender, EventArgs args)
 		{
 			HttpApplication app = (HttpApplication) sender;
@@ -73,8 +65,6 @@ namespace System.Web.Security
 			string reqPath = context.Request.PhysicalPath;
 			string loginPath = context.Request.MapPath (loginPage);
 			context.SkipAuthorization = (reqPath == loginPath);
-			if (context.SkipAuthorization == false && loginPath != null && loginPath != "")
-				context.SkipAuthorization = CheckIfSkip (loginPath, reqPath);
 			
 			FormsAuthenticationEventArgs formArgs = new FormsAuthenticationEventArgs (context);
 			if (Authenticate != null)