Dela via


CA1057: String URI overloads call System.Uri overloads

Note

This article applies to Visual Studio 2015. If you're looking for the latest Visual Studio documentation, see Visual Studio documentation. We recommend upgrading to the latest version of Visual Studio. Download it here

Item Value
TypeName StringUriOverloadsCallSystemUriOverloads
CheckId CA1057
Category Microsoft.Design
Breaking Change Non-breaking

Cause

A type declares method overloads that differ only by the replacement of a string parameter with a System.Uri parameter, and the overload that takes the string parameter does not call the overload that takes the Uri parameter.

Rule Description

Because the overloads differ only by the string/Uri parameter, the string is assumed to represent a uniform resource identifier (URI). A string representation of a URI is prone to parsing and encoding errors, and can lead to security vulnerabilities. The Uri class provides these services in a safe and secure manner. To reap the benefits of the Uri class, the string overload should call the Uri overload using the string argument.

How to Fix Violations

Re-implement the method that uses the string representation of the URI so that it creates an instance of the Uri class using the string argument, and then passes the Uri object to the overload that has the Uri parameter.

When to Suppress Warnings

It is safe to suppress a warning from this rule if the string parameter does not represent a URI.

Example

The following example shows a correctly implemented string overload.

#using <system.dll>
using namespace System;

namespace DesignLibrary
{
   public ref class History
   {
   public:
      void AddToHistory(String^ uriString)
      {
          Uri^ newUri = gcnew Uri(uriString);
          AddToHistory(newUri);
      }

      void AddToHistory(Uri^ uriType) { }
   };
}
using System;

namespace DesignLibrary
{
   public class History
   {
      public void AddToHistory(string uriString)
      {
          Uri newUri = new Uri(uriString);
          AddToHistory(newUri);
      }

      public void AddToHistory(Uri uriType) { }
   }
}
Imports System

Namespace DesignLibrary

   Public Class History
   
      Sub AddToHistory(uriString As String)
          Dim newUri As New Uri(uriString)
          AddToHistory(newUri)
      End Sub

      Sub AddToHistory(uriType As Uri)
      End Sub

   End Class

End Namespace

CA2234: Pass System.Uri objects instead of strings

CA1056: URI properties should not be strings

CA1054: URI parameters should not be strings

CA1055: URI return values should not be strings