Home Library Learn Samples Downloads Support Community Forums
MSDN Library
Development Tools and Languages
Visual Studio 2012
Application Development in Visual Studio
Quality and Diagnostic Tools
Analyzing Application Quality
Analyzing Managed Code Quality
Code Analysis for Managed Code Warnings
Design Warnings
CA1000: Do not declare static members on generic types
CA1001: Types that own disposable fields should be disposable
CA1002: Do not expose generic lists
CA1003: Use generic event handler instances
CA1004: Generic methods should provide type parameter
CA1005: Avoid excessive parameters on generic types
CA1006: Do not nest generic types in member signatures
CA1007: Use generics where appropriate
CA1008: Enums should have zero value
CA1009: Declare event handlers correctly
CA1010: Collections should implement generic interface
CA1011: Consider passing base types as parameters
CA1012: Abstract types should not have constructors
CA1013: Overload operator equals on overloading add and subtract
CA1014: Mark assemblies with CLSCompliantAttribute
CA1016: Mark assemblies with AssemblyVersionAttribute
CA1017: Mark assemblies with ComVisibleAttribute
CA1018: Mark attributes with AttributeUsageAttribute
CA1019: Define accessors for attribute arguments
CA1020: Avoid namespaces with few types
CA1021: Avoid out parameters
CA1023: Indexers should not be multidimensional
CA1024: Use properties where appropriate
CA1025: Replace repetitive arguments with params array
CA1026: Default parameters should not be used
CA1027: Mark enums with FlagsAttribute
CA1028: Enum storage should be Int32
CA1030: Use events where appropriate
CA1031: Do not catch general exception types
CA1032: Implement standard exception constructors
CA1033: Interface methods should be callable by child types
CA1034: Nested types should not be visible
CA1035: ICollection implementations have strongly typed members
CA1036: Override methods on comparable types
CA1038: Enumerators should be strongly typed
CA1039: Lists are strongly typed
CA1040: Avoid empty interfaces
CA1041: Provide ObsoleteAttribute message
CA1043: Use integral or string argument for indexers
CA1044: Properties should not be write only
CA1045: Do not pass types by reference
CA1046: Do not overload operator equals on reference types
CA1047: Do not declare protected members in sealed types
CA1048: Do not declare virtual members in sealed types
CA1049: Types that own native resources should be disposable
CA1050: Declare types in namespaces
CA1051: Do not declare visible instance fields
CA1052: Static holder types should be sealed
CA1053: Static holder types should not have constructors
CA1054: URI parameters should not be strings
CA1055: URI return values should not be strings
CA1056: URI properties should not be strings
CA1057: String URI overloads call System.Uri overloads
CA1058: Types should not extend certain base types
CA1059: Members should not expose certain concrete types
CA1060: Move P/Invokes to NativeMethods class
CA1061: Do not hide base class methods
CA1062: Validate arguments of public methods
CA1063: Implement IDisposable correctly
CA1064: Exceptions should be public
CA1065: Do not raise exceptions in unexpected locations
CA2210: Assemblies should have valid strong names
Expand Minimize
This topic has not yet been rated - Rate this topic

CA1054: URI parameters should not be strings

Visual Studio 2012

TypeName

UriParametersShouldNotBeStrings

CheckId

CA1054

Category

Microsoft.Design

Breaking Change

Breaking

A type declares a method with a string parameter whose name contains "uri", "Uri", "urn", "Urn", "url", or "Url" and the type does not declare a corresponding overload that takes a System.Uri parameter.

This rule splits the parameter name into tokens based on the camel casing convention and checks whether each token equals "uri", "Uri", "urn", "Urn", "url", or "Url". If there is a match, the rule assumes that the parameter represents a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. If a method takes a string representation of a URI, a corresponding overload should be provided that takes an instance of the Uri class, which provides these services in a safe and secure manner.

To fix a violation of this rule, change the parameter to a Uri type; this is a breaking change. Alternately, provide an overload of the method which takes a Uri parameter; this is a nonbreaking change.

It is safe to suppress a warning from this rule if the parameter does not represent a URI.

The following example shows a type, ErrorProne, that violates this rule, and a type, SaferWay, that satisfies the rule.

C#
C++
VB
Copy 
using System;

namespace DesignLibrary
{
   public class ErrorProne
   {
      string someUri;

      // Violates rule UriPropertiesShouldNotBeStrings. 
      public string SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      // Violates rule UriParametersShouldNotBeStrings. 
      public void AddToHistory(string uriString) { }

      // Violates rule UriReturnValuesShouldNotBeStrings. 
      public string GetRefererUri(string httpHeader)
      {
         return "http://www.adventure-works.com";
      }
   }

   public class SaferWay
   {
      Uri someUri;

      // To retrieve a string, call SomeUri.ToString(). 
      // To set using a string, call SomeUri = new Uri(string). 
      public Uri SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      public void AddToHistory(string uriString)
      {
         // Check for UriFormatException.
         AddToHistory(new Uri(uriString));
      }

      public void AddToHistory(Uri uriType) { }

      public Uri GetRefererUri(string httpHeader)
      {
         return new Uri("http://www.adventure-works.com");
      }
   }
}
Did you find this helpful?
(1500 characters remaining)
© 2013 Microsoft. All rights reserved.