Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rule S3995: URI return values should not be strings #269

Closed
valhristov opened this issue May 3, 2017 · 0 comments
Closed

Rule S3995: URI return values should not be strings #269

valhristov opened this issue May 3, 2017 · 0 comments
Assignees
@michalb-sonar
Milestone
5.11

Comments

@valhristov
Copy link
Contributor

valhristov commented May 3, 2017
edited
Loading

RSPEC-3995

String representations of URIs or URLs are prone to parsing and encoding errors which can lead to vulnerabilities. The System.Uri class is a safe alternative and should be preferred.

This rule raises an issue when method has a string return type and its name contains "uri", "Uri", "urn", "Urn", "url" or "Url".
@valhristov valhristov added this to the 5.11 milestone May 3, 2017
@valhristov valhristov changed the title Rule 3995: URI return values should not be strings Rule S3995: URI return values should not be strings May 3, 2017
@michalb-sonar michalb-sonar self-assigned this May 8, 2017
@michalb-sonar michalb-sonar mentioned this issue May 10, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michalb-sonar michalb-sonar

Labels
None yet
Projects
None yet
Milestone
5.11
Development

No branches or pull requests
2 participants
@valhristov @michalb-sonar