CA1056: URI properties should not be strings

 

For the latest documentation on Visual Studio 2017, see Visual Studio 2017 Documentation.

For the latest documentation on Visual Studio 2017, see CA1056: URI properties should not be strings on docs.microsoft.com.

TypeNameUriPropertiesShouldNotBeStrings
CheckIdCA1056
CategoryMicrosoft.Design
Breaking ChangeBreaking

A type declares a string property whose name contains "uri", "Uri", "urn", "Urn", "url", or "Url".

This rule splits the property name into tokens based on the Pascal casing convention and checks whether each token equals "uri", "Uri", "urn", "Urn", "url", or "Url". If there is a match, the rule assumes that the property represents a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The System.Uri class provides these services in a safe and secure manner.

To fix a violation of this rule, change the property to a Uri type.

It is safe to suppress a warning from this rule if the property does not represent a URI.

The following example shows a type, ErrorProne, that violates this rule, and a type, SaferWay, that satisfies the rule.

using System;

namespace DesignLibrary
{
   public class ErrorProne
   {
      string someUri;

      // Violates rule UriPropertiesShouldNotBeStrings.
      public string SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      // Violates rule UriParametersShouldNotBeStrings.
      public void AddToHistory(string uriString) { }

      // Violates rule UriReturnValuesShouldNotBeStrings.
      public string GetRefererUri(string httpHeader)
      {
         return "http://www.adventure-works.com";
      }
   }

   public class SaferWay
   {
      Uri someUri;

      // To retrieve a string, call SomeUri.ToString().
      // To set using a string, call SomeUri = new Uri(string).
      public Uri SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      public void AddToHistory(string uriString)
      {
         // Check for UriFormatException.
         AddToHistory(new Uri(uriString));
      }

      public void AddToHistory(Uri uriType) { }

      public Uri GetRefererUri(string httpHeader)
      {
         return new Uri("http://www.adventure-works.com");
      }
   }
}

CA1054: URI parameters should not be strings

CA1055: URI return values should not be strings

CA2234: Pass System.Uri objects instead of strings

CA1057: String URI overloads call System.Uri overloads

Show: