# prisma-whats-new
timwis
10/28/2017, 1:05 PM
interesting, the docs example just uses template string interpolation for adding user input. i would have assumed graphql variables were recommended in order to sanitize the user input, no?
https://www.graph.cool/docs/tutorials/auth/authentication-with-email-and-password-for-react-and-apollo-cu3jah9ech#adjusting-the-signupuser-mutation
agartha
10/28/2017, 1:35 PM
Yes, graphql variables are definitely the recommended way.
timwis
10/28/2017, 3:37 PM
thanks. do you know if I need to worry about sanitizing them like I would with SQL injection?
nilan
10/28/2017, 6:27 PM
where in that tutorial is string interpolation used?
nilan
10/28/2017, 6:27 PM
ah found it, instruction 15
👍🏻 1
timwis
10/28/2017, 6:31 PM
fyi it’s also used in the graphcool-lib source
https://github.com/graphcool/graphcool-lib/blob/master/src/index.ts