| title | ms.date | ms.topic | f1_keywords | helpviewer_keywords | ms.assetid | author | ms.author | manager | dev_langs | ms.workload | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CA1057: String URI overloads call System.Uri overloads |
11/04/2016 |
reference |
|
|
ef1e983e-9ca7-404b-82d7-65740ba0ce20 |
mikejo5000 |
mikejo |
jillfra |
|
|
| Item | Value |
|---|---|
| CheckId | CA1057 |
| Category | Microsoft.Design |
| Breaking change | Non-breaking |
A type declares method overloads that differ only by the replacement of a string parameter with a xref:System.Uri?displayProperty=fullName parameter, and the overload that takes the string parameter does not call the overload that takes the xref:System.Uri parameter.
Because the overloads differ only by the string or xref:System.Uri parameter, the string is assumed to represent a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The xref:System.Uri class provides these services in a safe and secure manner. To reap the benefits of the xref:System.Uri class, the string overload should call the xref:System.Uri overload using the string argument.
Reimplement the method that uses the string representation of the URI so that it creates an instance of the xref:System.Uri class using the string argument, and then passes the xref:System.Uri object to the overload that has the xref:System.Uri parameter.
It is safe to suppress a warning from this rule if the string parameter does not represent a URI.
The following example shows a correctly implemented string overload.
[!code-csharpFxCop.Design.CallUriOverload#1] [!code-cppFxCop.Design.CallUriOverload#1] [!code-vbFxCop.Design.CallUriOverload#1]
CA2234: Pass System.Uri objects instead of strings
CA1056: URI properties should not be strings