# Bad value X for attribute “href” on element “a”: Illegal character in fragment: “>” is not allowed.

> Canonical HTML version: https://rocketvalidator.com/html-validation/bad-value-x-for-attribute-href-on-element-a-illegal-character-in-fragment-greater-than-is-not-allowed
> Attribution: Rocket Validator (https://rocketvalidator.com)
> License: CC BY 4.0 (https://creativecommons.org/licenses/by/4.0/)

A URL fragment identifier is the part of a URL that follows the `#` symbol, typically used to link to a specific section within a page. The URL specification (RFC 3986 and the WHATWG URL Standard) defines a strict set of characters that are permitted in fragments. The `>` character (greater-than sign) is among those that are **not** allowed to appear literally. When the W3C HTML Validator encounters `>` inside an `href` value — whether in the fragment or elsewhere in the URL — it raises this error.

In most cases, the `>` character appears in a URL by accident — for example, from a copy-paste error, a typo where the closing `>` of the tag accidentally ends up inside the attribute value, or a malformed template expression. Less commonly, a developer may genuinely need the `>` character as part of the URL content.

## Why This Matters

- **Broken links:** Browsers may interpret the `>` as the end of the HTML tag or handle the URL unpredictably, leading to broken navigation.
- **Standards compliance:** Invalid URLs violate both the HTML specification and URL syntax standards, causing validation failures.
- **Accessibility:** Screen readers and other assistive technologies rely on well-formed markup. A malformed `href` can confuse these tools and prevent users from reaching the intended destination.
- **Interoperability:** While some browsers may silently correct or ignore the invalid character, others may not. Valid URLs guarantee consistent behavior everywhere.

## How to Fix It

1. **If the `>` is a typo or copy-paste error**, simply remove it from the `href` value. This is the most common scenario.
2. **If the `>` is intentionally part of the fragment or URL**, replace it with its percent-encoded equivalent: `%3E`.
3. **Review your templates or CMS output** — this error often originates from template engines or content management systems that inject malformed values into `href` attributes.

## Examples

### Accidental `>` in the URL path

A common mistake is accidentally including the tag's closing `>` inside the attribute value:

```html
<!-- ❌ Invalid: ">" is not allowed in the URL -->
<a href="/page.php>">Read more</a>
```

Remove the stray `>`:

```html
<!-- ✅ Valid: clean URL without illegal character -->
<a href="/page.php">Read more</a>
```

### Illegal `>` in a fragment identifier

The `>` can also appear inside the fragment portion of the URL:

```html
<!-- ❌ Invalid: ">" in the fragment -->
<a href="/docs#section->overview">Go to overview</a>
```

If the `>` is unintentional, remove it:

```html
<!-- ✅ Valid: fragment without illegal character -->
<a href="/docs#section-overview">Go to overview</a>
```

If the `>` is genuinely needed in the fragment, percent-encode it:

```html
<!-- ✅ Valid: ">" encoded as %3E -->
<a href="/docs#section-%3Eoverview">Go to overview</a>
```

### Query string or path containing `>`

The same rule applies outside of fragments. If `>` appears anywhere in the URL, encode it:

```html
<!-- ❌ Invalid: ">" in query parameter -->
<a href="/search?filter=price>100">Expensive items</a>
```

```html
<!-- ✅ Valid: ">" percent-encoded as %3E -->
<a href="/search?filter=price%3E100">Expensive items</a>
```

### Template output errors

If you are using a server-side template or JavaScript framework, ensure that dynamic values inserted into `href` are properly URL-encoded. For example, in a template that generates links:

```html
<!-- ❌ Invalid: unencoded dynamic value -->
<a href="/results#filter=>50">View results</a>
```

```html
<!-- ✅ Valid: properly encoded value -->
<a href="/results#filter=%3E50">View results</a>
```

Most server-side languages provide built-in URL encoding functions (e.g., `encodeURIComponent()` in JavaScript, `urlencode()` in PHP, `urllib.parse.quote()` in Python) that will handle this automatically. Always use these functions when inserting dynamic content into URLs.