CA1054:URI 参数不应为字符串

类型名

UriParametersShouldNotBeStrings

CheckId

CA1054

类别

Microsoft.Design

是否重大更改

原因

某类型使用名称中包含“uri”、“Uri”、“urn”、“Urn”、“url”或“Url”的字符串参数声明了方法,并且该类型没有声明采用 System.Uri 参数的相应重载。

规则说明

该规则根据 Camel 大小写约定将参数名称拆分成标记,并检查每个标记是否与“uri”、“Uri”、“urn”、“Urn”、“url”或“Url”相等。 如果存在匹配项,则该规则假定此参数表示一个统一资源标识符 (URI)。 URI 的字符串表示形式容易导致分析和编码错误,并且可造成安全漏洞。 如果某方法采用 URI 的字符串表示形式,则应提供采用 Uri 类的实例的相应重载,该重载以安全的方式提供这些服务。

如何解决冲突

要修复与该规则的冲突,请将参数更改为 Uri 类型;此更改是一个重大更改。 或者,提供采用 Uri 参数的方法的重载;此更改不是重大更改。

何时禁止显示警告

如果参数不表示 URI,则可以安全地禁止显示此规则发出的警告。

示例

下面的示例演示与该规则冲突的 ErrorProne 类型和满足该规则的 SaferWay 类型。

Imports System

Namespace DesignLibrary

   Public Class ErrorProne

      Dim someUriValue As String 

      ' Violates rule UriPropertiesShouldNotBeStrings.
      Property SomeUri As String
         Get 
            Return someUriValue 
         End Get
         Set 
            someUriValue = Value 
         End Set
      End Property

      ' Violates rule UriParametersShouldNotBeStrings.
      Sub AddToHistory(uriString As String)
      End Sub

      ' Violates rule UriReturnValuesShouldNotBeStrings.
      Function GetRefererUri(httpHeader As String) As String
         Return "https://www.adventure-works.com"
      End Function

   End Class

   Public Class SaferWay

      Dim someUriValue As Uri 

      ' To retrieve a string, call SomeUri.ToString().
      ' To set using a string, call SomeUri = New Uri(string).
      Property SomeUri As Uri
         Get 
            Return someUriValue 
         End Get
         Set 
            someUriValue = Value 
         End Set
      End Property

      Sub AddToHistory(uriString As String)
         ' Check for UriFormatException.
         AddToHistory(New Uri(uriString))
      End Sub

      Sub AddToHistory(uriString As Uri)
      End Sub

      Function GetRefererUri(httpHeader As String) As Uri
         Return New Uri("https://www.adventure-works.com")
      End Function

   End Class

End Namespace
using System;

namespace DesignLibrary
{
   public class ErrorProne
   {
      string someUri;

      // Violates rule UriPropertiesShouldNotBeStrings.
      public string SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      // Violates rule UriParametersShouldNotBeStrings.
      public void AddToHistory(string uriString) { }

      // Violates rule UriReturnValuesShouldNotBeStrings.
      public string GetRefererUri(string httpHeader)
      {
         return "https://www.adventure-works.com";
      }
   }

   public class SaferWay
   {
      Uri someUri;

      // To retrieve a string, call SomeUri.ToString().
      // To set using a string, call SomeUri = new Uri(string).
      public Uri SomeUri
      {
         get { return someUri; }
         set { someUri = value; }
      }

      public void AddToHistory(string uriString)
      {
         // Check for UriFormatException.
         AddToHistory(new Uri(uriString));
      }

      public void AddToHistory(Uri uriType) { }

      public Uri GetRefererUri(string httpHeader)
      {
         return new Uri("https://www.adventure-works.com");
      }
   }
}
#using <system.dll>
using namespace System;

namespace DesignLibrary
{
   public ref class ErrorProne
   {
   public:
      // Violates rule UriPropertiesShouldNotBeStrings.
      property String^ SomeUri;

      // Violates rule UriParametersShouldNotBeStrings.
      void AddToHistory(String^ uriString) { }

      // Violates rule UriReturnValuesShouldNotBeStrings.
      String^ GetRefererUri(String^ httpHeader)
      {
         return "https://www.adventure-works.com";
      }
   };

   public ref class SaferWay
   {
   public:
      // To retrieve a string, call SomeUri()->ToString().
      // To set using a string, call SomeUri(gcnew Uri(string)).
      property Uri^ SomeUri;

      void AddToHistory(String^ uriString)
      {
         // Check for UriFormatException.
         AddToHistory(gcnew Uri(uriString));
      }

      void AddToHistory(Uri^ uriType) { }

      Uri^ GetRefererUri(String^ httpHeader)
      {
         return gcnew Uri("https://www.adventure-works.com");
      }
   };
}

相关规则

CA1056:URI 属性不应是字符串

CA1055:URI 返回值不应是字符串

CA2234:传递 System.Uri 对象,而不传递字符串

CA1057:字符串 URI 重载调用 System.Uri 重载