Avoiding SQL Injection in Entity Framework Core (While using inline queries)

Pubblicato il: 11 ottobre 2020
sul canale di: DotNet Core Central
7,833
84

I did a couple of videos in past regarding Entity Framework Core. But during those videos, I did not cover the aspects of SQL Injections and how it comes to play with Entity Framework Core. In this video, I will be walking through how to valid potential SQL Injection pitfalls.

What is SQL Injection? SQL injection is a way to inject vulnerable SQL code through a loophole exposed by the code to make unwanted changes to the database. For example, if we use inline queries and expect a name to be passed as a parameter, but we use string interpolation, there is a possibility of a user passing queries as a part of the name to destroy the database.

Entity Framework Core makes it really easy to avoid SQL Injection, using a couple of ways. And in this video, I will go through both these ways of using Entity Framework Core to avoid SQL injection.

My previous videos for Entity Framework Core are here:
   • Entity Framework Core (CRUD Operation in ....  
   • Entity Framework Core (In-Line Query, Stor...  
   • Entity Framework Core (Inline Query for In...  

Source code for this video session is available in my GitHub repo: https://github.com/choudhurynirjhar/E...


In questa pagina del sito puoi guardare il video online Avoiding SQL Injection in Entity Framework Core (While using inline queries) della durata di ore minuti seconda in buona qualità , che l'utente ha caricato DotNet Core Central 11 ottobre 2020, condividi il link con amici e conoscenti, su youtube questo video è già stato visto 7,833 volte e gli è piaciuto 84 spettatori. Buona visione!