diff --git a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md
index 0d9fcab48b..460ef787ac 100644
--- a/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md
+++ b/src/NetAnalyzers/Core/AnalyzerReleases.Unshipped.md
@@ -6,3 +6,4 @@ Rule ID | Category | Severity | Notes
--------|----------|----------|-------
CA1514 | Maintainability | Info | AvoidLengthCheckWhenSlicingToEndAnalyzer, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1514)
CA1515 | Maintainability | Disabled | MakeTypesInternal, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1515)
+CA2262 | Usage | Info | ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly, [Documentation](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2262)
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx
index 9a8a9e9b9c..f1f51aa6bd 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/MicrosoftNetCoreAnalyzersResources.resx
@@ -1283,6 +1283,15 @@
'Enum.HasFlag' method expects the 'enum' argument to be of the same 'enum' type as the instance on which the method is invoked and that this 'enum' is marked with 'System.FlagsAttribute'. If these are different 'enum' types, an unhandled exception will be thrown at runtime. If the 'enum' type is not marked with 'System.FlagsAttribute' the call will always return 'false' at runtime.
+
+ Set 'MaxResponseHeadersLength' properly
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
The argument type, '{0}', must be the same as the enum type '{1}'
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.cs b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.cs
new file mode 100644
index 0000000000..95a5df2054
--- /dev/null
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.cs
@@ -0,0 +1,100 @@
+// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information.
+
+using System.Collections.Immutable;
+using System.Linq;
+using Analyzer.Utilities;
+using Analyzer.Utilities.Extensions;
+using Microsoft.CodeAnalysis;
+using Microsoft.CodeAnalysis.Diagnostics;
+using Microsoft.CodeAnalysis.Operations;
+
+namespace Microsoft.NetCore.Analyzers.Usage
+{
+ using static MicrosoftNetCoreAnalyzersResources;
+
+ ///
+ /// CA2262:
+ ///
+ [DiagnosticAnalyzer(LanguageNames.CSharp, LanguageNames.VisualBasic)]
+ public sealed class ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly : DiagnosticAnalyzer
+ {
+ private const string MaxResponseHeadersLengthPropertyName = "MaxResponseHeadersLength";
+ private const int MaxLimitToReport = 128;
+ internal const string RuleId = "CA2262";
+
+ internal static readonly DiagnosticDescriptor EnsureMaxResponseHeaderLengthRule = DiagnosticDescriptorHelper.Create(
+ RuleId,
+ CreateLocalizableResourceString(nameof(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyTitle)),
+ CreateLocalizableResourceString(nameof(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyMessage)),
+ DiagnosticCategory.Usage,
+ RuleLevel.IdeSuggestion,
+ description: CreateLocalizableResourceString(nameof(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyDescription)),
+ isPortedFxCopRule: false,
+ isDataflowRule: false);
+
+ public override ImmutableArray SupportedDiagnostics { get; } = ImmutableArray.Create(EnsureMaxResponseHeaderLengthRule);
+
+ public override void Initialize(AnalysisContext context)
+ {
+ context.EnableConcurrentExecution();
+ context.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.None);
+
+ context.RegisterCompilationStartAction(context =>
+ {
+ var httpClientHandlerPropSymbol = context.Compilation
+ .GetOrCreateTypeByMetadataName(WellKnownTypeNames.SystemNetHttpHttpClientHandler)
+ ?.GetMembers(MaxResponseHeadersLengthPropertyName)
+ .FirstOrDefault();
+
+ var socketClientHandlerPropSymbol = context.Compilation
+ .GetOrCreateTypeByMetadataName(WellKnownTypeNames.SystemNetHttpSocketsHttpHandler)
+ ?.GetMembers(MaxResponseHeadersLengthPropertyName)
+ .FirstOrDefault();
+
+ if (httpClientHandlerPropSymbol is null || socketClientHandlerPropSymbol is null)
+ {
+ return;
+ }
+
+ ImmutableArray symbols = ImmutableArray.Create(httpClientHandlerPropSymbol, socketClientHandlerPropSymbol);
+ context.RegisterOperationAction(context => AnalyzeSimpleAssignmentOperationAndCreateDiagnostic(context, symbols), OperationKind.SimpleAssignment);
+ });
+ }
+
+ private static void AnalyzeSimpleAssignmentOperationAndCreateDiagnostic(OperationAnalysisContext context, ImmutableArray propSymbols)
+ {
+ var assignmentOperation = (ISimpleAssignmentOperation)context.Operation;
+
+ if (!IsValidPropertyAssignmentOperation(assignmentOperation, propSymbols))
+ {
+ return;
+ }
+
+ if (assignmentOperation.Value is null || !assignmentOperation.Value.ConstantValue.HasValue || assignmentOperation.Value.ConstantValue.Value is not int propertyValue)
+ {
+ return;
+ }
+
+ // If the user set the value to int.MaxValue, their intention is to disable the limit, and we shouldn't emit a warning.
+ if (propertyValue is > MaxLimitToReport and not int.MaxValue)
+ {
+ context.ReportDiagnostic(context.Operation.CreateDiagnostic(EnsureMaxResponseHeaderLengthRule, propertyValue));
+ }
+ }
+
+ private static bool IsValidPropertyAssignmentOperation(ISimpleAssignmentOperation operation, ImmutableArray propSymbols)
+ {
+ if (operation.Target is not IPropertyReferenceOperation propertyReferenceOperation)
+ {
+ return false;
+ }
+
+ if (!propSymbols.Contains(propertyReferenceOperation.Member))
+ {
+ return false;
+ }
+
+ return operation.Value is IFieldReferenceOperation or ILiteralOperation or IBinaryOperation;
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf
index 944f2cc45f..ded5f89631 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.cs.xlf
@@ -2213,6 +2213,21 @@ Obecné přetypování (IL unbox.any) používané sekvencí vrácenou metodou E
Poskytněte metodám formátování správné argumenty
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Poskytnutí konstruktoru bez parametrů, který je viditelný jako nadřazený typ pro typ odvozený od System.Runtime.InteropServices.SafeHandle, umožňuje lepší výkon a využití s řešeními spolupráce generovanými zdroji.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf
index 0f821c05ed..05ead7d4a9 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.de.xlf
@@ -2213,6 +2213,21 @@ Erweiterungen und benutzerdefinierte Konvertierungen werden bei generischen Type
Geeignete Argumente für Formatierungsmethoden angeben
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Indem Sie für einen von "System.Runtime.InteropServices.SafeHandle" abgeleiteten Typ einen parameterlosen Konstruktor bereitstellen, der ebenso sichtbar ist wie der enthaltende Typ, erzielen Sie eine bessere Leistung und Nutzung mit aus der Quelle generierten Interop-Lösungen.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf
index 974bc32552..e584b5fc25 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.es.xlf
@@ -2213,6 +2213,21 @@ La ampliación y las conversiones definidas por el usuario no se admiten con tip
Proporcionar argumentos correctos para los métodos de formato
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Proporcionar un constructor sin parámetros tan visible como el tipo contenedor para un tipo derivado de 'System.Runtime.InteropServices.SafeHandle' permite un mejor rendimiento y uso con soluciones de interoperabilidad generadas por el origen.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf
index 2333259a21..4d6015fc14 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.fr.xlf
@@ -2213,6 +2213,21 @@ Les conversions étendues et définies par l’utilisateur ne sont pas prises en
Indiquer le nombre correct d'arguments dans les méthodes de mise en forme
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.La fourniture d’un constructeur sans paramètre qui est aussi visible que le type conteneur pour un type dérivé de ’System. Runtime. InteropServices. SafeHandle’ permet d’améliorer les performances et l’utilisation des solutions d’interopérabilité générées par le code source.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf
index 680e3a4e9f..b09d62d459 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.it.xlf
@@ -2213,6 +2213,21 @@ L'ampliamento e le conversioni definite dall'utente non sono supportate con tipi
Fornire gli argomenti corretti ai metodi di formattazione
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.La specifica di un costruttore senza parametri visibile come tipo che lo contiene per un tipo derivato da 'System.Runtime.InteropServices.SafeHandle' offre prestazioni migliori e ne consente l'utilizzo in soluzioni di interoperabilità generate da origini.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf
index 7f8679b575..3899e3d20b 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ja.xlf
@@ -2213,6 +2213,21 @@ Enumerable.OfType<T> で使用されるジェネリック型チェック (
書式設定メソッドに正しい引数を指定します
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.'System.Runtime.InteropServices.SafeHandle' から派生した型の包含型と同じように見えるパラメーターなしのコンストラクターを指定すると、ソース生成相互運用ソリューションのパフォーマンスと使用方法が向上します。
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf
index eae9328e21..2612df2317 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ko.xlf
@@ -2213,6 +2213,21 @@ Enumerable.OfType<T>에서 사용하는 제네릭 형식 검사(C# 'is'
서식 지정 메서드에 올바른 인수를 제공하세요.
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.'System.Runtime.InteropServices.SafeHandle'에서 파생된 형식에 대한 포함 형식만큼 표시되는 매개 변수 없는 생성자를 제공하면 원본 생성 interop 솔루션의 성능과 사용이 향상됩니다.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf
index 4d72146dc8..dd26ead4c5 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pl.xlf
@@ -2213,6 +2213,21 @@ Konwersje poszerzane i zdefiniowane przez użytkownika nie są obsługiwane w pr
Określ poprawne argumenty dla metod formatujących
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Udostępnienie konstruktora bez parametrów, który jest tak widoczny jak typ zawierający dla typu pochodzącego z elementu „System.Runtime.InteropServices.SafeHandle”, zapewnia lepszą wydajność i użycie dzięki wygenerowanym przez źródło rozwiązaniom międzyoperacyjnym.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf
index 3a1c62d635..6788bbe9a2 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.pt-BR.xlf
@@ -2213,6 +2213,21 @@ Ampliação e conversões definidas pelo usuário não são compatíveis com tip
Fornecer os argumentos corretos para métodos de formatação
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Fornecer um construtor sem parâmetros que é tão visível quanto o tipo que contém um tipo derivado de 'System.Runtime.InteropServices.SafeHandle' permite um melhor desempenho e uso com soluções de interoperabilidade geradas pela origem.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf
index 4bf7fbfb6b..6e157b19b4 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.ru.xlf
@@ -2213,6 +2213,21 @@ Widening and user defined conversions are not supported with generic types.Задайте правильные аргументы для методов форматирования
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.Предоставление конструктора без параметров, который отображается как содержащий тип для типа, производного от "System.Runtime.InteropServices.SafeHandle", обеспечивает улучшенную производительность и использование в решениях взаимодействия, созданных источником.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf
index 65b084ef90..bfbd717034 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.tr.xlf
@@ -2213,6 +2213,21 @@ Genel türlerde genişletme ve kullanıcı tanımlı dönüştürmeler desteklen
Biçimlendirme yöntemlerine doğru bağımsız değişkenleri sağlayın
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.'System.Runtime.InteropServices.SafeHandle'dan türetilmiş bir tür için kapsayan tür kadar görülebilen parametresiz bir oluşturucu sağlamak, kaynak tarafından oluşturulan birlikte çalışma çözümleriyle daha iyi performans ve kullanım olanağı sağlar.
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf
index 6233be421a..6ac54c6716 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hans.xlf
@@ -2213,6 +2213,21 @@ Enumerable.OfType<T> 使用的泛型类型检查 (C# 'is' operator/IL 'isi
为格式化方法提供正确的参数
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.提供与派生自 “System.Runtime.InteropServices.SafeHandle” 的类型的包含类型一样可见的无参数构造函数可改进源生成的互操作解决方案的性能和使用情况。
diff --git a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf
index f2dd916660..728cdb8690 100644
--- a/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf
+++ b/src/NetAnalyzers/Core/Microsoft.NetCore.Analyzers/xlf/MicrosoftNetCoreAnalyzersResources.zh-Hant.xlf
@@ -2213,6 +2213,21 @@ Enumerable.OfType<T> 使用的一般型別檢查 (C# 'is' operator/IL 'isi
為格式化方法提供正確的引數
+
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+ The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+
+
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+ Make sure the value '{0}' is provided correctly. This value is measured in kilobytes not bytes.
+
+
+
+ Set 'MaxResponseHeadersLength' properly
+ Set 'MaxResponseHeadersLength' properly
+
+ Providing a parameterless constructor that is as visible as the containing type for a type derived from 'System.Runtime.InteropServices.SafeHandle' enables better performance and usage with source-generated interop solutions.提供一種無參數的建構函式,與衍生自 'System.Runtime.InteropServices.SafeHandle' 之類型的包含類型一樣可見,使用原始檔產生的 interop 解決方案可提高效能及使用量。
diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md
index 146dc408da..e3b0927e8a 100644
--- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md
+++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.md
@@ -2574,6 +2574,18 @@ The ConfigureAwaitOptions.SuppressThrowing is only supported with the non-generi
|CodeFix|False|
---
+## [CA2262](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2262): Set 'MaxResponseHeadersLength' properly
+
+The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.
+
+|Item|Value|
+|-|-|
+|Category|Usage|
+|Enabled|True|
+|Severity|Info|
+|CodeFix|False|
+---
+
## [CA2300](https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2300): Do not use insecure deserializer BinaryFormatter
The method '{0}' is insecure when deserializing untrusted data. If you need to instead detect BinaryFormatter deserialization without a SerializationBinder set, then disable rule CA2300, and enable rules CA2301 and CA2302.
diff --git a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif
index 0e10ba0b36..025469f642 100644
--- a/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif
+++ b/src/NetAnalyzers/Microsoft.CodeAnalysis.NetAnalyzers.sarif
@@ -4455,6 +4455,26 @@
]
}
},
+ "CA2262": {
+ "id": "CA2262",
+ "shortDescription": "Set 'MaxResponseHeadersLength' properly",
+ "fullDescription": "The property 'MaxResponseHeadersLength' is measured in kilobytes, not in bytes. That mean the provided value will be multiplied by 1024, the result might be too high than your intended value.",
+ "defaultLevel": "note",
+ "helpUri": "https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2262",
+ "properties": {
+ "category": "Usage",
+ "isEnabledByDefault": true,
+ "typeName": "ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly",
+ "languages": [
+ "C#",
+ "Visual Basic"
+ ],
+ "tags": [
+ "Telemetry",
+ "EnabledRuleInAggressiveMode"
+ ]
+ }
+ },
"CA2300": {
"id": "CA2300",
"shortDescription": "Do not use insecure deserializer BinaryFormatter",
diff --git a/src/NetAnalyzers/RulesMissingDocumentation.md b/src/NetAnalyzers/RulesMissingDocumentation.md
index a0aea3b9a8..26c9c1b9bb 100644
--- a/src/NetAnalyzers/RulesMissingDocumentation.md
+++ b/src/NetAnalyzers/RulesMissingDocumentation.md
@@ -17,3 +17,4 @@ CA1866 | | Use char overload |
CA2021 | | Do not call Enumerable.Cast\ or Enumerable.OfType\ with incompatible types |
CA2261 | | Do not use ConfigureAwaitOptions.SuppressThrowing with Task\ |
+CA2262 | | Set 'MaxResponseHeadersLength' properly |
diff --git a/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyTests.cs b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyTests.cs
new file mode 100644
index 0000000000..6246691aca
--- /dev/null
+++ b/src/NetAnalyzers/UnitTests/Microsoft.NetCore.Analyzers/Usage/ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyTests.cs
@@ -0,0 +1,94 @@
+// Copyright (c) Microsoft. All Rights Reserved. Licensed under the MIT license. See License.txt in the project root for license information.
+
+using System.Threading.Tasks;
+using Xunit;
+using VerifyCS = Test.Utilities.CSharpCodeFixVerifier<
+ Microsoft.NetCore.Analyzers.Usage.ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly,
+ Microsoft.CodeAnalysis.Testing.EmptyCodeFixProvider>;
+
+using VerifyVB = Test.Utilities.VisualBasicCodeFixVerifier<
+ Microsoft.NetCore.Analyzers.Usage.ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly,
+ Microsoft.CodeAnalysis.Testing.EmptyCodeFixProvider>;
+namespace Microsoft.NetCore.Analyzers.Usage.UnitTests
+{
+ public class ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectlyTests
+ {
+ [Fact]
+ public async Task CA2262_ProvideCorrectValueFor_HttpClientHandlerMaxResponseHeader_DiagnosticAsync()
+ {
+ await VerifyCS.VerifyAnalyzerAsync(@"
+ using System;
+ using System.Net.Http;
+
+ public class TestClass {
+
+ static int GetValue() => 1414;
+ const int val = 121212 * 2;
+
+ public void TestMethod() {
+
+ HttpClientHandler handler = new HttpClientHandler()
+ {
+ MaxResponseHeadersLength = GetValue()
+ };
+
+ HttpClientHandler handler2 = new HttpClientHandler()
+ {
+ {|#0:MaxResponseHeadersLength = 2 * 121213|}
+ };
+
+ HttpClientHandler handler3 = new HttpClientHandler()
+ {
+ {|#1:MaxResponseHeadersLength = val|}
+ };
+
+ HttpClientHandler handler4 = new HttpClientHandler()
+ {
+ {|#2:MaxResponseHeadersLength = 1414|}
+ };
+
+ HttpClientHandler handler5 = new HttpClientHandler()
+ {
+ MaxResponseHeadersLength = int.MaxValue
+ };
+
+ SocketsHttpHandler handler6 = new SocketsHttpHandler()
+ {
+ MaxResponseHeadersLength = int.MaxValue
+ };
+
+ SocketsHttpHandler handler7 = new SocketsHttpHandler()
+ {
+ {|#3:MaxResponseHeadersLength = 1000|}
+ };
+ }
+ }
+
+ ",
+ VerifyCS.Diagnostic(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.RuleId).WithLocation(0).WithArguments(242426),
+ VerifyCS.Diagnostic(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.RuleId).WithLocation(1).WithArguments(242424),
+ VerifyCS.Diagnostic(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.RuleId).WithLocation(2).WithArguments(1414),
+ VerifyCS.Diagnostic(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.RuleId).WithLocation(3).WithArguments(1000)
+ );
+
+ await VerifyVB.VerifyAnalyzerAsync(@"
+ Imports System.Net.Http
+
+ Public Class MainClass
+ Public Shared Sub Main()
+ Dim httpClientHandler As New HttpClientHandler()
+
+ {|#0:httpClientHandler.MaxResponseHeadersLength = 65536|}
+
+ Dim httpClient As New HttpClient(httpClientHandler)
+
+ httpClient.Dispose()
+ httpClientHandler.Dispose()
+ End Sub
+ End Class
+ ",
+ VerifyVB.Diagnostic(ProvideHttpClientHandlerMaxResponseHeaderLengthValueCorrectly.RuleId).WithLocation(0).WithArguments(65536)
+ );
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt
index 2423ad707e..18075ef3ad 100644
--- a/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt
+++ b/src/Utilities/Compiler/DiagnosticCategoryAndIdRanges.txt
@@ -14,7 +14,7 @@ Globalization: CA2101, CA1300-CA1311
Mobility: CA1600-CA1601
Performance: HA, CA1800-CA1870
Security: CA2100-CA2153, CA2300-CA2330, CA3000-CA3147, CA5300-CA5405
-Usage: CA1801, CA1806, CA1816, CA2200-CA2209, CA2211-CA2261
+Usage: CA1801, CA1806, CA1816, CA2200-CA2209, CA2211-CA2262
Naming: CA1700-CA1727
Interoperability: CA1400-CA1422
Maintainability: CA1500-CA1515
diff --git a/src/Utilities/Compiler/WellKnownTypeNames.cs b/src/Utilities/Compiler/WellKnownTypeNames.cs
index 7fa5290af8..6f01dbc1db 100644
--- a/src/Utilities/Compiler/WellKnownTypeNames.cs
+++ b/src/Utilities/Compiler/WellKnownTypeNames.cs
@@ -269,6 +269,7 @@ internal static class WellKnownTypeNames
public const string SystemMemoryExtensions = "System.MemoryExtensions";
public const string SystemNetHttpHttpClient = "System.Net.Http.HttpClient";
public const string SystemNetHttpHttpClientHandler = "System.Net.Http.HttpClientHandler";
+ public const string SystemNetHttpSocketsHttpHandler = "System.Net.Http.SocketsHttpHandler";
public const string SystemNetHttpWinHttpHandler = "System.Net.Http.WinHttpHandler";
public const string SystemNetSecurityProtocolType = "System.Net.SecurityProtocolType";
public const string SystemNetSecurityRemoteCertificateValidationCallback = "System.Net.Security.RemoteCertificateValidationCallback";