Better special character escaping in CommandLine
Reported by Jeremy Lightsmith | April 21st, 2008 @ 01:49 PM
Clients of CommandLine.execute() need to be selective about which parts of the command they need escaped and quoted, and which they don't. Current approach of letting them specify for the entire string (with :escape_quotes option) is not right. Suggested fix: provide escape_and_quote() method to CommandLine clients and make them responsible for calling it on appropriate parts of the shell command that they want executed. Use this method on any part of a command that is originally user input. E.g., Subversion url in Subversion#checkout().
No comments found
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Jeremy Lightsmith