Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Ensure that commands and args are properly quoted if they contain spa…

…ces or reserved shell characters (on Windows).


http://technet.microsoft.com/en-us/library/cc723564.aspx states that "all reserved shell characters not in double quotes must be escaped." It also states that "any argument that contains spaces...must be enclosed in double quotes" Furthermore, "if a double-quoted argument itself contains a double quote character, the double quote must be doubled."
  • Loading branch information...
commit e88067ac9196bf43365e7d4aa7f0950312492bd1 1 parent 232ccd1
@cablegram cablegram authored
Showing with 4 additions and 1 deletion.
  1. +4 −1 lib/execjs/external_runtime.rb
View
5 lib/execjs/external_runtime.rb
@@ -183,7 +183,10 @@ def sh(command)
if ExecJS.windows?
def shell_escape(*args)
# see http://technet.microsoft.com/en-us/library/cc723564.aspx#XSLTsection123121120120
- args.map { |arg| arg.gsub(/([&|()<>^ "])/,'^\1') }.join(" ")
+ args.map { |arg|
+ arg = %Q("#{arg.gsub('"','""')}") if arg.match(/[&|()<>^ "]/)
+ arg
+ }.join(" ")
end
else
def shell_escape(*args)
Please sign in to comment.
Something went wrong with that request. Please try again.