Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Visual Studio Team System 2008 Development Developer Center
Click to Rate and Give Feedback
MSDN
MSDN Library
Visual Studio 2008
Development Edition
 Specify StringComparison

  Switch on low bandwidth view
This page is specific to
Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:
Visual Studio Team System
Specify StringComparison

TypeName

SpecifyStringComparison

CheckId

CA1307

Category

Microsoft.Globalization

Breaking Change

Non Breaking

A string comparison operation uses a method overload that does not set a StringComparison parameter.

Many string operations, most important the Compare and Equals methods, provide an overload that accepts a StringComparison enumeration value as a parameter.

Whenever an overload exists that takes a StringComparison parameter, it should be used instead of an overload that does not take this parameter. By explicitly setting this parameter, your code is often made clearer and easier to maintain.

To fix a violation of this rule, change string comparison methods to overloads that accept the StringComparison enumeration as a parameter. For example: change String.Compare(str1, str2) to String.Compare(str1, str2, StringComparison.Ordinal).

It is safe to suppress a warning from this rule when the library or application is intended for a limited local audience and will therefore not be localized.

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
'When to Suppress Warning' is incorrect      David M. Kean   |   Edit   |   Show History

It is safe to suppress a warning from this rule when the library or application is intended for a limited local audience and will therefore not be localized.

This is actually incorrect. If making security decisions based on the result or doing path comparisons, you should explicitly specify a string comparison, passing one of StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase.

The following example shows a method that incorrectly compares the start of an URL:

[C#]
 
using System;
using System.Globalization;
using System.Threading;
 
namespace Samples
{
    class Program
    {
        static void Main(string[] args)
        {  
            Thread.CurrentThread.CurrentCulture = new CultureInfo("tr-TR");
 
            string url = "file:///C|/MyFile.txt";
            if (string.Compare(url, 0, "FILE:", 0, 5, true) == 0)
            {
                Console.WriteLine("File path");
            }
            else
            {
                Console.WriteLine("Something else");
            }
        }
    }
}


The above outputs the following:

Something else

To fix the above violation specify StringComparison.OrdinalIgnoreCase.

The following example shows this.

[C#]
 
using System;
using System.Globalization;
using System.Threading;
 
namespace Samples
{
    class Program
    {
        static void Main(string[] args)
        {
            Thread.CurrentThread.CurrentCulture = new CultureInfo("tr-TR");
 
            string url = "file:///C|/MyFile.txt";
 
            if (string.Compare(url, 0, "FILE:", 0, 5, StringComparison.OrdinalIgnoreCase) == 0)
            {
                Console.WriteLine("File path");
            }
            else
            {
                Console.WriteLine("Something else");
            }
        }
    }
}

The above outputs the following:

File path
Tags What's this?: Add a tag
Flag as ContentBug
More information      David M. Kean   |   Edit   |   Show History

By default, most of the comparison methods on the String class (such as String.Compare) perform a linguistic comparison. This is in constrast to String.Equals, which, by default, performs a non-linguistic (ordinal) comparison.
Because these linguistic comparisons use the thread's current culture (retrieved from CultureInfo.CurrentCulture), their behavior can vary based on the current user's locale settings. To make it clear which comparison method a particular call site makes, use an overload that takes a StringComparison value. This is especially important if comparing paths, registry keys, environment variables, or making security decisions based on the result.

For more information, see the following article:

New Recommendations for Using Strings in Microsoft .NET 2.0
http://msdn2.microsoft.com/en-us/library/ms973919.aspx

Tags What's this?: Add a tag
Flag as ContentBug
© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker