34 lines
754 B
Plaintext
34 lines
754 B
Plaintext
== How to fix it in .NET
|
|
|
|
=== Code examples
|
|
|
|
In the following example, the callback change impacts the entirety of HTTP
|
|
requests made by the application.
|
|
|
|
:cert_method_name: ServerCertificateValidationCallback
|
|
|
|
include::../../common/fix/code-rationale-override.adoc[]
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,csharp]
|
|
----
|
|
using System.Net;
|
|
using System.Net.Http;
|
|
|
|
public static void connect()
|
|
{
|
|
ServicePointManager.ServerCertificateValidationCallback +=
|
|
(sender, certificate, chain, errors) => {
|
|
return true; // Noncompliant
|
|
};
|
|
|
|
HttpClient httpClient = new HttpClient();
|
|
HttpResponseMessage response = httpClient.GetAsync("https://example.com").Result;
|
|
}
|
|
----
|
|
|
|
=== How does this work?
|
|
|
|
include::../../common/fix/validation.adoc[]
|