ASP.NET Monsters #105: SQL Injection attacks in Entity Framework Core 2.0

Description

Entity Framework Core 2 was released recently. In today's episode we explore a new feature that automatically parameterizes SQL queries when the FromSql method is used with an interpolated string. Monster Dave shows us exactly why parameterized queries are so important when querying with raw SQL.

Episode Sponsor:
AppVeyor - Continuous Delivery Services for Windows Developers

Related Links:
EF Core Injection Samples by Nick Craver
FormattableString - MSDN
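
How an interpolated string can become a parameterized query, shown as an added example that is not code from the episode or from EF Core itself. `Parameterize` is a hypothetical helper, and the `Users` table, `Name` column and input value are constructed; it relies only on `FormattableString`, which keeps the SQL template and the interpolated values apart.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

static class InterpolationDemo
{
    // Hypothetical helper (not an EF Core API): rewrites the composite format
    // "… {0} … {1}" into "… @p0 … @p1" and returns the values separately,
    // so they can be bound as parameters instead of being spliced into the SQL.
    static (string Sql, IReadOnlyList<object> Values) Parameterize(FormattableString query)
    {
        object[] values = query.GetArguments();
        object[] names = values.Select((_, i) => (object)("@p" + i)).ToArray();
        string sql = string.Format(query.Format, names);
        return (sql, values);
    }

    static void Main()
    {
        // Constructed hostile input for the demonstration.
        string name = "x' OR '1'='1";

        // Unsafe: concatenation makes the input part of the SQL text itself.
        string concatenated = "SELECT * FROM Users WHERE Name = '" + name + "'";
        Console.WriteLine("concatenated: " + concatenated);

        // Safe: the compiler builds a FormattableString, so the template and
        // the value arrive separately and the value never touches the SQL text.
        var (sql, values) = Parameterize($"SELECT * FROM Users WHERE Name = {name}");
        Console.WriteLine("sql text:     " + sql);
        Console.WriteLine("@p0 value:    " + values[0]);

        // Pitfall: storing the interpolated string in a string variable first
        // formats it immediately, which is equivalent to concatenation.
        string flattened = $"SELECT * FROM Users WHERE Name = '{name}'";
        Console.WriteLine("flattened == concatenated: " + (flattened == concatenated));
    }
}
```

The quote characters in the input appear only in the parameter value, never in the SQL text, which is why the query keeps its structure.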

 
