BackwardCompatibilitySettings.RemovePotentiallyDangerousNavigateUrlDefaultValue Property

Specifies whether to remove potentially dangerous navigate URLs.

Assembly: DevExpress.Web.v21.2.dll

Declaration

C#
VB.NET

public bool RemovePotentiallyDangerousNavigateUrlDefaultValue { get; set; }

Public Property RemovePotentiallyDangerousNavigateUrlDefaultValue As Boolean

Property Value

Type	Description
Boolean	true, to remove potentially dangerous navigate Urls; otherwise, false.

Property Paths

You can access this nested property as listed below:

Object Type	Path to RemovePotentiallyDangerousNavigateUrlDefaultValue
ASPxWebControl	.BackwardCompatibility .RemovePotentiallyDangerousNavigateUrlDefaultValue

Remarks

Use the RemovePotentiallyDangerousNavigateUrlDefaultValue property to validate the grid-based controls’ HyperlinkColumn values to prevent XSS vulnerability.

A secure URL starts with the “http:” or “https:” or doesn’t contain the ‘:’ symbol (relative URLs). Setting the RemovePotentiallyDangerousNavigateUrlDefaultValue property to true removes all potentially dangerous URLs from the <a> HTML element so it is rendered without HREF attribute.

Note

Note that grid-based controls validate only data source values used in the HyperlinkColumn column and ignore the HyperLinkProperties.NavigateUrlFormatString property.

Global.asax:

void Application_Start(object sender, EventArgs e) {
        ASPxWebControl.BackwardCompatibility.RemovePotentiallyDangerousNavigateUrlDefaultValue = true;
    }

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

BackwardCompatibilitySettings.RemovePotentiallyDangerousNavigateUrlDefaultValue Property

Declaration

Property Value

Property Paths

Remarks