Security 使用DirectorySearcher时转义密码?
如果您正在使用Security 使用DirectorySearcher时转义密码?,security,active-directory,ldap,Security,Active Directory,Ldap,如果您正在使用DirectorySearcher并将设置了用户名和密码的DirectoryEntry传递给它,我正在试图确定是否需要转义密码(我们确实转义用户名) 以下是代码简写: var directoryEntry = new DirectoryEntry(domain); directoryEntry.Username = escaped(username); directoryEntry.Password = password; new DirectorySearcher(direct
DirectorySearcherDirectoryEntryvar directoryEntry = new DirectoryEntry(domain);
directoryEntry.Username = escaped(username);
directoryEntry.Password = password;
new DirectorySearcher(directoryEntry)
{
SearchScope = searchScope,
Filter = "(&(objectCategory=person)(objectClass=user)" + escaped(filter) + ")"
};
不转义密码会使代码容易被注入吗?转义密码是否会导致
DirectoryEntry