Disable warning S4502 for part of code

Is it possible to disable “Warning S4502: Make sure disabling CSRF protection is safe here.” for a certain part of the code?

The reason for disabling it for a certain part of the code, is that we would like not to have warnings in our build log for issues that we have investigated and marked as “safe”.

We have tried to use techniques like “#pragma disable…” and “[SuppressMessage]” which works for some warnings, but we could not get it to work for this one.

We use Azure DevOps.

Thanks,
Dan

Hi @xdastendk

Unfortunately it’s not possible to disable a rule for a certain part of the code. You can disable it, but it will be for the whole project.

Also, issues marked as resolve / safe, but not corrected in the code will still show up during the build, we simply don’t query (yet) all of these before, but surely we do it during the analysis itself (the scan after the build).

HTH,
Mickaël

Hi @mickaelcaro

OK. Thank you for following up on this.

Best regards
Dan

@mickaelcaro you say “yet” does that mean you have a feature to fix it and if so do you have an estimate of when it will be ready?

It could be nice to have a green build in stead of a yellow.

We’ve not started yet working on it, but that’s on our plan.