Use
System.Uri
instead of string
when dealing with Uri
s18
19 // CS-A1000: Use `System.URI` where possible.
20 // https://deepsource.io/directory/analyzers/csharp/issues/CS-A1000
21 public static string GetEndpointUri()22 {
23 return "http://www.contoso.com/";
24 }
Description
Representing URIs as string
s can prove to be a security risk as they are difficult to parse, validate and encode. It is therefore recommended that you use the more safer and reliable built-in alternative System.URI
.
Bad Practice
public string getEndpointUri()
{
return _endpoint;
}
Recommended
public Uri getEndpointUri()
{
return new URI(_endpoint);
}