Export (0) Print
Expand All
Expand Minimize
This topic has not yet been rated - Rate this topic

String uri overloads call system uri overloads

TypeName

StringUriOverloadsCallSystemUriOverloads

CheckId

CA1057

Category

Microsoft.Design

Breaking Change

NonBreaking

A type declares method overloads that differ only by the replacement of a string parameter with a System.Uri parameter, and the overload that takes the string parameter does not call the overload that takes the Uri parameter.

Because the overloads differ only by the string/Uri parameter, the string is assumed to represent a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The Uri class provides these services in a safe and secure manner. To reap the benefits of the Uri class, the string overload should call the Uri overload using the string argument.

Re-implement the method that uses the string representation of the URI so that it creates an instance of the Uri class using the string argument, and then passes the Uri object to the overload that has the Uri parameter.

It is safe to exclude a warning from this rule if the string parameter does not represent a URI.

The following example shows a correctly implemented string overload.

#using <system.dll>
using namespace System;

namespace DesignLibrary
{
   public ref class History
   {
   public:
      void AddToHistory(String^ uriString)
      {
          Uri^ newUri = gcnew Uri(uriString);
          AddToHistory(newUri);
      }

      void AddToHistory(Uri^ uriType) { }
   };
}

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.