Add more controllers for the concurrency test.

docs/Analyzer Configuration.md

@@ -226,15 +226,15 @@ Default Value: '770', which is AssemblyDirectory | UseDllDirectoryForDependencie
 Example: `dotnet_code_quality.CA5393.unsafe_DllImportSearchPath_bits = 770`
 
 ### Exclude ASP.NET Core MVC ControllerBase when considering CSRF
-Option Name: `exclude_aspnet_core_mvc_controller_base`
+Option Name: `exclude_aspnet_core_mvc_controllerbase`
 
 Configurable Rules: CA5391
 
 Option Values: Boolean values
 
 Default Value: `true`
 
-Example: `dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controller_base = false`
+Example: `dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controllerbase = false`
 
 ### Disallowed symbol names
 Option Name: `disallowed_symbol_names`

src/Microsoft.NetCore.Analyzers/UnitTests/Security/UseAutoValidateAntiforgeryTokenTests.cs

@@ -297,13 +297,43 @@ public AcceptedAtActionResult CustomizedActionMethod2 (string actionName)
     {
         return null;
     }
+}
+
+class TestClass3 : Controller
+{
+    [HttpPut]
+    public AcceptedAtActionResult CustomizedActionMethod3 (string actionName)
+    {
+        return null;
+    }
+}
+
+class TestClass4 : Controller
+{
+    [HttpPut]
+    public AcceptedAtActionResult CustomizedActionMethod4 (string actionName)
+    {
+        return null;
+    }
+}
+
+class TestClass5 : Controller
+{
+    [HttpPut]
+    public AcceptedAtActionResult CustomizedActionMethod5 (string actionName)
+    {
+        return null;
+    }
 }",
             GetCSharpResultAt(12, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod", "HttpPut"),
-            GetCSharpResultAt(21, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod2", "HttpPut"));
+            GetCSharpResultAt(21, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod2", "HttpPut"),
+            GetCSharpResultAt(30, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod3", "HttpPut"),
+            GetCSharpResultAt(39, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod4", "HttpPut"),
+            GetCSharpResultAt(48, 35, UseAutoValidateAntiforgeryToken.UseAutoValidateAntiforgeryTokenRule, "CustomizedActionMethod5", "HttpPut"));
         }
 
         [Theory]
-        [InlineData("dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controller_base = false")]
+        [InlineData("dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controllerbase = false")]
         public void EditorConfigConfiguration_OnlyLookAtDerivedClassesOfController_DefaultValue_Diagnostic(string editorConfigText)
         {
             VerifyCSharpAcrossTwoAssemblies(
@@ -1348,7 +1378,7 @@ public void TestMethod ()
 
         [Theory]
         [InlineData("")]
-        [InlineData("dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controller_base = true")]
+        [InlineData("dotnet_code_quality.CA5391.exclude_aspnet_core_mvc_controllerbase = true")]
         public void EditorConfigConfiguration_OnlyLookAtDerivedClassesOfController_NonDefaultValue_NoDiagnostic(string editorConfigText)
         {
             VerifyCSharpAcrossTwoAssemblies(

src/Utilities/Compiler/Options/EditorConfigOptionNames.cs

@@ -108,6 +108,6 @@ internal static partial class EditorConfigOptionNames
         /// <summary>
         /// Boolean option to configure whether to exclude aspnet core mvc ControllerBase when considering CSRF.
         /// </summary>
-        public const string ExcludeAspnetCoreMvcControllerBase = "exclude_aspnet_core_mvc_controller_base";
+        public const string ExcludeAspnetCoreMvcControllerBase = "exclude_aspnet_core_mvc_controllerbase";
     }
 }