Make sure that this http request is sent safely. (external_roslyn:S4825)


(onatsko) #1

I use HttpClient to call my back-end. After last update i got an error:
Code Smell: Make sure that this http request is sent safely. ([external_roslyn:S4825])

I’m sure my connection is secure. how do I fix this message?

(Nicolas Harraudeau) #3

Hi @onatsko,

Thank you for your feedback.

Am I right in assuming that you see this issue on a pull request?

We have a bug in our current C# and VB .Net analysis. We are working on it and I will come back to you as soon as it is fixed.

In the mean time you can unblock your pull requests by ignoring external roslyn error in your project like this:
Go to your project’s Administration tab > General Settings > External analyzers > C# Ignore issues from external Roslyn analyzers > enable the option. The security hotspot issues will disappear the next time your pull requests are analyzed.

Just to give some context: The issue you mention is a Security Hotspot. Those issues are meant to help security auditors during code reviews. They are created on code which is security-sensitive, i.e. code where vulnerabilities generally occur, but which doesn’t necessarily contain a vulnerability. Security Hotspot issues should never impact the quality gate, nor should they be visible on Pull Requests.

We apologize for the inconvenience.

Best regards,

(onatsko) #4

Thank you, Nicolas!
I try enable the option

(onatsko) #5

yes, you are right

(Nicolas Harraudeau) #6

Hi @onatsko,

The fix is now deployed on SonarCloud. You can enable back the external roslyn issues.
Thank you again for your patience.

Best regards,

(onatsko) #7

Thank U!