The Monsters Weekly - Episode 105 - SQL Injection attacks in Entity Framework Core 2.0

Entity Framework Core 2 was released recently. In today’s episode we explore a new feature which automatically paramaterizes SQL Queries when the FromSql method is used with an interpolated string. Monster Dave shows us exactly why parametrized queries are so important when querying using raw sql.

Episode Sponsor:
AppVeyor - Continuous Delivery Services for Windows Developers

 

Related Links:
EF Core Injection Samples by Nick Craver
FormattableString - MSDN