rspec/rules/S2255/csharp/comments-and-links.adoc

=== On 2018-10-16T18:39:51Z Nicolas Harraudeau Wrote:
*Implementation details*:

*In .Net core*, -any reference to ``++Microsoft.AspNetCore.Http.HttpRequest.Cookies++`` should create an issue. It is a ``++IEnumerable++`` and it is not worth highlighting every manipulation method this class has. There is no "Cookie" Type in .Net Core, they are instead processed as strings.-

The ``++Request++`` object is just a reference to the ``++HttpRequest++`` of the current request.

Regarding ``++Microsoft.AspNetCore.Http.HttpResonse.Cookies++``, only the ``++Append++`` method should raise an issue as the ``++Delete++`` one is not security-sensitive (no risk of injection).

The ``++Response++`` object is just a reference to the ``++HttpResponse++`` of the current request.

include::../comments-and-links.adoc[]
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`=== On 2018-10-16T18:39:51Z Nicolas Harraudeau Wrote:`
			`Implementation details:`

			In .Net core, -any reference to ``++Microsoft.AspNetCore.Http.HttpRequest.Cookies++`` should create an issue. It is a ``++IEnumerable++`` and it is not worth highlighting every manipulation method this class has. There is no "Cookie" Type in .Net Core, they are instead processed as strings.-

			The ``++Request++`` object is just a reference to the ``++HttpRequest++`` of the current request.

			Regarding ``++Microsoft.AspNetCore.Http.HttpResonse.Cookies++``, only the ``++Append++`` method should raise an issue as the ``++Delete++`` one is not security-sensitive (no risk of injection).

			The ``++Response++`` object is just a reference to the ``++HttpResponse++`` of the current request.

			`include::../comments-and-links.adoc[]`