rspec/rules/S6287/csharp/how-to-fix-it/dotnet.adoc

== How to fix it in ASP.NET

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,csharp,diff-id=1,diff-type=noncompliant]
----
using System.Web;
using System.Web.Mvc;

public class ExampleController : Controller
{
    [HttpGet]
    public IActionResult CheckCookie(string cookie)
    {
        if (Request.Cookies["ASP.NET_SessionId"] == null)
        {
            Response.Cookies.Append("ASP.NET_SessionId", cookie);
        }

        return View("Welcome");
    }
}
----

==== Compliant solution

[source,csharp,diff-id=1,diff-type=compliant]
----
using System.Web;
using System.Web.Mvc;

public class ExampleController : Controller
{
    [HttpGet]
    public IActionResult CheckCookie()
    {
        if (Request.Cookies["ASP.NET_SessionId"] == null)
        {
            return View("GetCookie");
        }

        return View("Welcome");
    }
}
----

include::../../common/fix/how-does-this-work.adoc[]
Add checks for education format (#1607) 2023-03-07 17:16:47 +01:00			`== How to fix it in ASP.NET`

			`=== Code examples`
[APPSEC-116] Modify rule S6287: Educational content (#1216) 2022-09-08 11:06:29 +02:00
			`include::../../common/fix/code-rationale.adoc[]`

Education text Fix (#1338) 2022-10-18 16:03:10 +02:00			`==== Noncompliant code example`
Modify All Current Education Rules: Support intuitive view (#1256) 2022-09-15 10:28:08 +02:00
			`[source,csharp,diff-id=1,diff-type=noncompliant]`
[APPSEC-116] Modify rule S6287: Educational content (#1216) 2022-09-08 11:06:29 +02:00			`----`
			`using System.Web;`
			`using System.Web.Mvc;`

			`public class ExampleController : Controller`
			`{`
			`[HttpGet]`
			`public IActionResult CheckCookie(string cookie)`
			`{`
			`if (Request.Cookies["ASP.NET_SessionId"] == null)`
			`{`
Modify All Current Education Rules: Support intuitive view (#1256) 2022-09-15 10:28:08 +02:00			`Response.Cookies.Append("ASP.NET_SessionId", cookie);`
[APPSEC-116] Modify rule S6287: Educational content (#1216) 2022-09-08 11:06:29 +02:00			`}`

			`return View("Welcome");`
			`}`
			`}`
			`----`
Modify All Current Education Rules: Support intuitive view (#1256) 2022-09-15 10:28:08 +02:00
			`==== Compliant solution`

			`[source,csharp,diff-id=1,diff-type=compliant]`
[APPSEC-116] Modify rule S6287: Educational content (#1216) 2022-09-08 11:06:29 +02:00			`----`
			`using System.Web;`
			`using System.Web.Mvc;`

			`public class ExampleController : Controller`
			`{`
			`[HttpGet]`
			`public IActionResult CheckCookie()`
			`{`
			`if (Request.Cookies["ASP.NET_SessionId"] == null)`
			`{`
			`return View("GetCookie");`
			`}`

			`return View("Welcome");`
			`}`
			`}`
			`----`

Modify All Current Education Rules: Support intuitive view (#1256) 2022-09-15 10:28:08 +02:00			`include::../../common/fix/how-does-this-work.adoc[]`