Application Security Testing: An Integral Part of DevOps
Today's tip is a very simple one, but if you are like me you will find yourself using it frequently. Do you have string literals that are filled with escape characters because they include characters that have a special meaning? One of the most common places you will find this is in file paths. If you don't want to have to worry about getting all of the backslashes correct, try using an @-quoted string instead. Say you have a variable like the following in your application:
string AppDataFile = "C:\\Program Files\\My Application\\MyApp.dat";
This works fine, but can be hard to read and is more likely to be prone to errors if you do not escape all of the backslashes correctly. Another option, using @-quoted strings, removes the need to escape the backslashes. The @-quoted version of the above example looks like this:string AppDataFile = @"C:\Program Files\My Application\MyApp.dat";
The only changes are the addition of the @ sign before the opening quotation mark and the removal of the backslash to escape the other backslashes. This format matches the way you see file and directory paths displayed everywhere else in Windows. You can use @-quoted strings for more than paths, so take a look at your use of string literals and see where you can simplify you code and make it more readable.
About the Author
Jay Miller is a Software Engineer with Electronic Tracking Systems, a company dedicated to robbery prevention, apprehension, and recovery based in Carrollton, Texas. Jay has been working with .NET since the release of the first beta and is co-author of Learn Microsoft Visual Basic.Net In a Weekend. Jay can be reached via email at firstname.lastname@example.org.