Prevent Html injection in <a> Tags | General Discussion | ComponentOne Studio | MESCIUS Forums

Products
Support & Learning
Blogs
Pricing
Search
Cart
Sign In

.NET UI
.NET controls for desktop, web, and native mobile
ComponentOne
WinForms
WPF
WinUI
UWP
Xamarin
MAUI
ASP.NET MVC
ASP.NET Core
Blazor
ActiveX
WebAPI
Service Components
ASP.NET Web Forms

JAVASCRIPT
HTML5/JavaScript controls with support for Angular, React, and Vue
Wijmo
SpreadJS
ActiveReportsJS
DataViewsJS

DOCUMENT SOLUTIONS
Take total control of your documents with high-speed, intuitive document APIs
Excel, .NET Edition
Excel, Java Edition
PDF
Word
Imaging
Document Viewers

REPORTING
Full reporting solutions with extensive data visualization, viewers, and designers
ActiveReports .NET
ActiveReportsJS

SPREADSHEETS
Powerful spreadsheets for .NET, JavaScript, and COM
Spread.NET
SpreadJS
Spread COM
DataViewsJS

Our Latest Release

Check out the newest updates and features in ComponentOne 2025 v1
Learn More »

SUPPORT
Have a question or issue? Find out how we can help.
Forums
Licensing
Support Plans
Submit A Ticket

LEARNING
Read, watch, and learn about our products, team, and the latest trends.
Samples
Blogs
Videos
Knowledge Base
Webinars
Demos
Documentation
White Papers
Case Studies

LATEST RELEASE INFO
Find out what's new in the latest versions of our products.
ActiveReports .NET
ActiveReportsJS
ComponentOne
DsExcel .NET
DsExcel Java
DsImaging
DsPdf
DsWord
Spread.NET
SpreadJS
Wijmo

Our Latest Release

Check out the newest updates and features in ComponentOne 2025 v1
Learn More »

Prevent Html injection in <a> Tags

Posted by: senthamizh.selvi on 25 March 2025, 6:19 am EST

Please login to follow topic

senthamizh.selvi
- Post Options:
- Link
  Copy
Posted 25 March 2025, 6:19 am EST

In Wijmo grid, We are using CellMaker.makeLink for the hyperlink and we are getting penetration testing issue on this hyperlink.

We also tried Dom sanitizer, but dont know exactly how to sanitize the url using this DOM sanitizer method.

Could you please provide us any other way to prevent the HTML Injection on the href attribute.
vivek.pannu
- Post Options:
- Link
  Copy
Posted 26 March 2025, 8:27 am EST

Hi Senthamizh,

Could you please share some more information related to the issue, i.e., which tool you are using for penetration testing? Please share the specific steps, if any, that I can follow to replicate the issue on my end, as I am not very familiar with penetration testing. Please share a small sample in which we can replicate the issue, if possible. I am assuming that you are using the Angular framework. Please share the above details so that I can investigate the issue further and assist you accordingly.

Regards

Please login to reply to thread

Need extra support?

Upgrade your support plan and get personal unlimited phone support with our customer engagement team

Forum Channels

ComponentOne

Forums for all current editions of the ComponentOne .NET UI control product line, including ComponentOne Studio and ComponentOne Studio for Xamarin.
ActiveReports

Forums for all versions of ActiveReports and ActiveReports Server
Spread

Forums for all current versions of Spread .NET spreadsheets, SpreadJS JavaScript spreadsheets, and SpreadCOM spreadsheets.
Wijmo

Forums for all Wijmo products, including Wijmo Core, FinancialChart, FlexSheet, MultiRow, OLAP, and ReportViewer
- General Discussion
Document Solutions

Forums for all Document Solutions products, including Document Solutions for PDF, Word, Excel (.NET and Java), and Imaging.

© 2023 MESCIUS USA, Inc. All Rights Reserved. · 1.800.858.2739

All product and company names herein may be trademarks of their respective owners.