Export (0) Print
Expand All
Expand Minimize

CA1056: URI properties should not be strings

TypeName

UriPropertiesShouldNotBeStrings

CheckId

CA1056

Category

Microsoft.Design

Breaking Change

Breaking

A type declares a string property whose name contains "uri", "Uri", "urn", "Urn", "url", or "Url".

This rule splits the property name into tokens based on the Pascal casing convention and checks whether each token equals "uri", "Uri", "urn", "Urn", "url", or "Url". If there is a match, the rule assumes that the property represents a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner.

To fix a violation of this rule, change the property to a Uri type.

It is safe to suppress a warning from this rule if the property does not represent a URI.

The following example shows a type, ErrorProne, that violates this rule, and a type, SaferWay, that satisfies the rule.


using System;

namespace DesignLibrary
{
   public class ErrorProne
   {
      string someUri;

      // Violates rule UriPropertiesShouldNotBeStrings.
      public string SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      // Violates rule UriParametersShouldNotBeStrings.
      public void AddToHistory(string uriString) { }

      // Violates rule UriReturnValuesShouldNotBeStrings.
      public string GetRefererUri(string httpHeader)
      {
         return "http://www.adventure-works.com";
      }
   }

   public class SaferWay
   {
      Uri someUri;

      // To retrieve a string, call SomeUri.ToString().
      // To set using a string, call SomeUri = new Uri(string).
      public Uri SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      public void AddToHistory(string uriString)
      {
         // Check for UriFormatException.
         AddToHistory(new Uri(uriString));
      }

      public void AddToHistory(Uri uriType) { }

      public Uri GetRefererUri(string httpHeader)
      {
         return new Uri("http://www.adventure-works.com");
      }
   }
}


Community Additions

ADD
Show:
© 2014 Microsoft