private void VisitMethods(SyntaxNodeAnalysisContext ctx) { bool hasActionMethod = false; bool hasValidateAntiForgeryToken = false; SyntaxNode node = null; List <string> attributesList; if (ctx.Node.Language == LanguageNames.CSharp) { node = ctx.Node as CSharpSyntax.MethodDeclarationSyntax; if (node == null) { return; } attributesList = AnalyzerUtil.getAttributesForMethod((CSharpSyntax.MethodDeclarationSyntax)node); } else { node = ctx.Node as VBSyntax.MethodBlockSyntax; if (node == null) { return; } attributesList = AnalyzerUtil.getAttributesForMethod((VBSyntax.MethodBlockSyntax)node); } //Extract the annotation identifier foreach (var attribute in attributesList) { if (MethodsHttp.Contains(attribute)) { //Create the diagnostic on the annotation rather than the complete method if (ctx.Node.Language == LanguageNames.CSharp) { var attributes = AnalyzerUtil.getAttributesByName(attribute, node as CSharpSyntax.MethodDeclarationSyntax); if (attributes.Count > 0) { node = attributes[0]; } } else { var attributes = AnalyzerUtil.getAttributesByName(attribute, node as VBSyntax.MethodBlockSyntax); if (attributes.Count > 0) { node = attributes[0]; } } hasActionMethod = true; } else if (attribute.Equals("ValidateAntiForgeryToken")) { hasValidateAntiForgeryToken = true; } } if (hasActionMethod && !hasValidateAntiForgeryToken) { ctx.ReportDiagnostic(Diagnostic.Create(Rule, node.GetLocation())); } }