CA1056:URI 屬性不應該為字串
型別名稱 |
UriPropertiesShouldNotBeStrings |
CheckId |
CA1056 |
分類 |
Microsoft.Design |
中斷變更 |
中斷 |
原因
型別所宣告之字串屬性的名稱會包含 "uri"、"Uri"、"urn"、"Urn"、"url" 或 "Url"。
規則描述
此規則會根據 Pascal 命名法的大小寫慣例將屬性名稱分割為多個語彙基元 (Token),並檢查每個語彙基元是否等於 "uri"、"Uri"、"urn"、"Urn"、"url" 或 "Url"。 如果有相對應的情況,則規則會假設該屬性表示統一資源識別元 (URI)。 URI 的字串表示方式容易發生剖析和編碼錯誤,並且可能因此產生安全性弱點。 System.Uri 類別以安全的方式提供這些服務。
如何修正違規
若要修正此規則的違規情形,請將屬性變更為 Uri 型別。
隱藏警告的時機
如果屬性不代表 URI,則您可以放心地隱藏此規則的警告。
範例
下列程式碼範例會示範違反此規則的型別 (ErrorProne),和滿足此規則的型別 (SaferWay)。
Imports System
Namespace DesignLibrary
Public Class ErrorProne
Dim someUriValue As String
' Violates rule UriPropertiesShouldNotBeStrings.
Property SomeUri As String
Get
Return someUriValue
End Get
Set
someUriValue = Value
End Set
End Property
' Violates rule UriParametersShouldNotBeStrings.
Sub AddToHistory(uriString As String)
End Sub
' Violates rule UriReturnValuesShouldNotBeStrings.
Function GetRefererUri(httpHeader As String) As String
Return "https://www.adventure-works.com"
End Function
End Class
Public Class SaferWay
Dim someUriValue As Uri
' To retrieve a string, call SomeUri.ToString().
' To set using a string, call SomeUri = New Uri(string).
Property SomeUri As Uri
Get
Return someUriValue
End Get
Set
someUriValue = Value
End Set
End Property
Sub AddToHistory(uriString As String)
' Check for UriFormatException.
AddToHistory(New Uri(uriString))
End Sub
Sub AddToHistory(uriString As Uri)
End Sub
Function GetRefererUri(httpHeader As String) As Uri
Return New Uri("https://www.adventure-works.com")
End Function
End Class
End Namespace
using System;
namespace DesignLibrary
{
public class ErrorProne
{
string someUri;
// Violates rule UriPropertiesShouldNotBeStrings.
public string SomeUri
{
get { return someUri; }
set { someUri = value; }
}
// Violates rule UriParametersShouldNotBeStrings.
public void AddToHistory(string uriString) { }
// Violates rule UriReturnValuesShouldNotBeStrings.
public string GetRefererUri(string httpHeader)
{
return "https://www.adventure-works.com";
}
}
public class SaferWay
{
Uri someUri;
// To retrieve a string, call SomeUri.ToString().
// To set using a string, call SomeUri = new Uri(string).
public Uri SomeUri
{
get { return someUri; }
set { someUri = value; }
}
public void AddToHistory(string uriString)
{
// Check for UriFormatException.
AddToHistory(new Uri(uriString));
}
public void AddToHistory(Uri uriType) { }
public Uri GetRefererUri(string httpHeader)
{
return new Uri("https://www.adventure-works.com");
}
}
}
#using <system.dll>
using namespace System;
namespace DesignLibrary
{
public ref class ErrorProne
{
public:
// Violates rule UriPropertiesShouldNotBeStrings.
property String^ SomeUri;
// Violates rule UriParametersShouldNotBeStrings.
void AddToHistory(String^ uriString) { }
// Violates rule UriReturnValuesShouldNotBeStrings.
String^ GetRefererUri(String^ httpHeader)
{
return "https://www.adventure-works.com";
}
};
public ref class SaferWay
{
public:
// To retrieve a string, call SomeUri()->ToString().
// To set using a string, call SomeUri(gcnew Uri(string)).
property Uri^ SomeUri;
void AddToHistory(String^ uriString)
{
// Check for UriFormatException.
AddToHistory(gcnew Uri(uriString));
}
void AddToHistory(Uri^ uriType) { }
Uri^ GetRefererUri(String^ httpHeader)
{
return gcnew Uri("https://www.adventure-works.com");
}
};
}