Mid REST API

How can you prevent SQL injection in REST API requests?

  • Always use parameterized queries / ORM (EF Core).
  • Validate and sanitize input.
  • Apply least privilege on DB users.

👉 Example in EF Core:

var user = db.Users.FirstOrDefault(u => u.Email == email);

More from ASP.NET Core Web API Tutorial

All questions for this course