Inspectopedia 2025.2 Help

RoslynAnalyzers Do Not Disable HTTP Header Checking

HTTP header checking enables encoding of the carriage return and newline characters, \r and \n, that are found in response headers. This encoding can help to avoid injection attacks that exploit an application that echoes untrusted data contained by the header.

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

CA5365
Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | C# | Roslyn Analyzers

Suppressing Inspection

You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:

//noinspection CA5365

More detailed instructions as well as other ways and options that you have can be found in the product documentation:

Inspection Details

By default bundled with:

JetBrains Rider 2025.2, Qodana for .NET 2025.2,

Last modified: 18 September 2025
RoslynAnalyzers Do Not Disable Certificate ValidationRoslynAnalyzers Do Not Disable Request Validation