private void VisitMethods(SyntaxNodeAnalysisContext ctx) { bool hasActionMethod = false; bool hasValidateAntiForgeryToken = false; SyntaxNode node = null; List <string> attributesList; if (ctx.Node.Language == LanguageNames.CSharp) { node = ctx.Node as CSharpSyntax.MethodDeclarationSyntax; if (node == null) { return; } attributesList = AnalyzerUtil.getAttributesForMethod((CSharpSyntax.MethodDeclarationSyntax)node); } else { node = ctx.Node as VBSyntax.MethodBlockSyntax; if (node == null) { return; } attributesList = AnalyzerUtil.getAttributesForMethod((VBSyntax.MethodBlockSyntax)node); } //Extract the annotation identifier foreach (var attribute in attributesList) { if (MethodsHttp.Contains(attribute)) { hasActionMethod = true; } else if (attribute.Equals("ValidateAntiForgeryToken")) { hasValidateAntiForgeryToken = true; } } if (hasActionMethod && !hasValidateAntiForgeryToken) { ctx.ReportDiagnostic(Diagnostic.Create(Rule, node.GetLocation())); } }