I have a MVC application. I have a generic method that does HttpClient GetAsync in which there is a low veracode flaw on this line
HttpResponseMessage response = client.GetAsync(client.BaseAddress).Result;
Here is he Method.
public static async Task<R?> SendSync<R>(string url)
{
HttpClient client = new HttpClient();
R? value = default;
client.BaseAddress = new Uri(url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
HttpResponseMessage response = client.GetAsync(client.BaseAddress).Result;
if (response.IsSuccessStatusCode)
value = await response.Content.ReadAsJsonAsync<R>();
return value;
}
How can I solve it?
thanks
I solve this
Once I have set this line
client.BaseAddress = new Uri(url);
the line
HttpResponseMessage response = await client.GetAsync(client.BaseAddress);
can we replaced with this
HttpResponseMessage response = await client.GetAsync("");