HtmlAnchor.HRef Property
.NET Framework 4
Gets or sets the URL target of the link specified in the HtmlAnchor server control.
Assembly: System.Web (in System.Web.dll)
Use this property to specify the URL to link to when the HtmlAnchor control is clicked.
The following code example demonstrates how to use the HRef property to specify a Web page to navigate to when the HtmlAnchor control is clicked.
<%@ Page Language="C#" AutoEventWireup="True" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>ASP.NET Example</title> </head> <body> <form id="form1" method="post" runat="server"> <a href="http://www.microsoft.com" runat="server"> Enter site.</a> </form> </body> </html>
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Note that this property is vulnerable to XSS
See these blog posts for more details:
http://o2platform.wordpress.com/2011/11/06/checking-if-nets-htmlanchor-href-property-is-vulnerable-to-xss/
http://diniscruz.blogspot.com/2011/11/aspnet-anchor-tag-allows-xss-payloads.html
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
http://o2platform.wordpress.com/2011/11/06/checking-if-nets-htmlanchor-href-property-is-vulnerable-to-xss/
http://diniscruz.blogspot.com/2011/11/aspnet-anchor-tag-allows-xss-payloads.html
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
- 11/7/2011
- Dinis.Cruz
- 11/10/2011
- Thomas Lee
