Allowing local URL in Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment

Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment seems to strip all <a href="">link</a> into <a>link</a>

Is there anyway to preserve local URL, e.g. <a href="/Product/1"> when passing it into Sanitizer.GetSafeHtmlFragment?

Note: I'm using AntiXSS 4.2.1

Solution

The AntiXSS library has been broken for a few months now. There's no way around this problem, unfortunately. Either you rollback to a previous version, or search for something else to use.

How to use C# to sanitize input on an html page?
Can't include Microsoft.Security.Application?
Microsoft AntiXSS Alternative
Is the hyphen encoded in LDAP DNs?
Antixss for Kendo Grid
What is the difference between AntiXss.HtmlEncode and HttpUtility.HtmlEncode?
How to handle AntiXSSLibrary Globaly in asp.net application?
How to write in asp.net web.config httpRuntime for 3.5 framework
I use AntiXSS but I still can hack page
How to Include Anti-XSS in ASP.Net 2.0 Without Visual Studio
System.Web.Security.AntiXss.AntiXssEncoder vs Microsoft.Security.Application.AntiXssEncoder
Are there any anti-XSS libraries for ASP.Net?
Microsoft Anti XSS Library encoding ampersands?
Why use Microsoft AntiXSS library?
In ASP.NET 4.5, how should I encode a string to be used as a JavaScript variable, to prevent XSS attacks
HTML sanitizer in ASP.NET MVC that filters dangerous markup, but allows the rest
How to handle XSS in a url query string in asp.net 3.5 using C#
ASP.NET controls and AntiXss
Using MS Anti XSS library for sanitizing HTML
Preventing XSS Attack on Form
why does MS anti xss library (v4) remove html 5 data attributes
How to use Microsofts WPL / Anti-XSS as default HTTPEncoder?
Is there a good reason why AntiXss.JavaScriptEncode wraps result in single quotes?
XSS in angularjs app and web api 2
bug in System.Web.Security.AntiXss.AntiXssEncoder.MarkAsSafe and LowerCodeCharts.None?
Input "placeholder" attribute no longer working in IE when using AntiXssEncoder
ASP.NET MVC XSS Input Field strip HTML/Scripts or Sanitize
Preventing XSS attacks across site
Does anyone use Fortify 360 with Classic ASP? a Header Manipulation vulnerability story
AntiXSS JavaScriptEncode gets HTML encoded?