HyperLinkProperties.RemovePotentiallyDangerousNavigateUrl Property

Specifies whether to remove potentially dangerous navigate URLs within a hyperlink column.

Assembly: DevExpress.Web.v21.2.dll

Declaration

C#
VB.NET

[DefaultValue(DefaultBoolean.Default)]
public DefaultBoolean RemovePotentiallyDangerousNavigateUrl { get; set; }

<DefaultValue(DefaultBoolean.Default)>
Public Property RemovePotentiallyDangerousNavigateUrl As DefaultBoolean

Property Value

Type	Default	Description
DefaultBoolean	Default	One of the DefaultBoolean enumeration values.

Available values:

Name	Description
True	`true`. `DefaultBoolean.True` has a constant value of `0`, while the standard `true` value corresponds to a value of `1`. In Visual Basic, do not use implicit conversion of Boolean values to `DefaultBoolean`, and vice versa, as the conversion may produce incorrect results.
False	`false`. `DefaultBoolean.False` has a constant value of `1`, while the standard `false` value corresponds to a value of `0`. In Visual Basic, do not use implicit conversion of Boolean values to `DefaultBoolean`, and vice versa, as the conversion may produce incorrect results.
Default	The default behavior determined by the control’s logic.

Remarks

Use the RemovePotentiallyDangerousNavigateUrl property to validate the HyperlinkColumn values to prevent XSS vulnerability.

A secure URL starts with the “http:” or “https:” or doesn’t contain the ‘:’ symbol (relative URLs). Setting the RemovePotentiallyDangerousNavigateUrl property to true removes all potentially dangerous URLs from the <a> HTML element so it is rendered without HREF attribute. If the RemovePotentiallyDangerousNavigateUrl property value is set to Default, the hyperlink column’s navigate url vaidation depends on the BackwardCompatibilitySettings.RemovePotentiallyDangerousNavigateUrlDefaultValue property value.

Note

Note that grid-based controls validate only data source values used in the HyperlinkColumn column and ignore the HyperLinkProperties.NavigateUrlFormatString property.

<dx:GridViewDataHyperLinkColumn FieldName="Link">
  <PropertiesHyperLinkEdit RemovePotentiallyDangerousNavigateUrl="True">
  </PropertiesHyperLinkEdit>
</dx:GridViewDataHyperLinkColumn>

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

HyperLinkProperties.RemovePotentiallyDangerousNavigateUrl Property

Declaration

Property Value

Remarks