Skip to content

Comments

Quote paths with double quotes not single quotes#148

Open
madscientist wants to merge 3 commits intojbardin:masterfrom
madscientist:pds/quoting
Open

Quote paths with double quotes not single quotes#148
madscientist wants to merge 3 commits intojbardin:masterfrom
madscientist:pds/quoting

Conversation

@madscientist
Copy link

@madscientist madscientist commented Dec 4, 2020

The previous scp single-quote algorithm for pathnames worked well for
POSIX servers but had problems on Windows servers, where single quotes
are not recognized (just treated like normal characters).

Use double quotes instead, and implement proper double-quoted escaping
for POSIX strings. This gives 100% correct paths on POSIX servers but
could still yield incorrect paths on Windows if the path contains
unusual characters like $ or `. If the user requires 100% Windows
compatibility they'll need to provide their own sanitizer function when
communicating with a Windows server.

Addresses issue #138 and issue #147

@madscientist
Quote paths with double quotes not single quotes
6ac6fa7 
The previous scp single-quote algorithm for pathnames worked well for
POSIX servers but had problems on Windows servers, where single quotes
are not recognized (just treated like normal characters).

Use double quotes instead, and implement proper double-quoted escaping
for POSIX strings.  This gives 100% correct paths on POSIX servers but
could still yield incorrect paths on Windows if the path contains
unusual characters like $ or `.  If the user requires 100% Windows
compatibility they'll need to provide their own sanitizer function when
communicating with a Windows server.

Addresses issue jbardin#138 and issue jbardin#147
@madscientist madscientist mentioned this pull request Dec 4, 2020
Open
@remram44 remram44 added the bug label Dec 4, 2020
@remram44
Copy link
Collaborator

remram44 commented Dec 4, 2020

I'm surprised not to see backslashes in the list, is that correct?

@madscientist
Copy link
Author

madscientist commented Dec 4, 2020

Within a double-quoted string backslashes do not need to be escaped unless they are escaping a special character. See the POSIX spec link I put into the code review. So, for example, echo "foo\bar" will print out the string foo\bar: no need to escape the backslash.

However, you're right that my solution is missing something because I need to handle backslashes that DO come before special characters. In other words, say I have the literal filename foo\$bar (that is, the backslash is part of the filename). My previous solution would turn this into "foo\\$bar" which is clearly not right: it needs to be "foo\\\$bar" (escape the backslash, then escape the $).

I will post an update to handle this.

@madscientist
Handle "quoting" backslashes in filenames
4867a1f 
POSIX double-quoted strings don't require backslash characters to be
escaped _unless_ they are escaping a special character.  So, for a
filename foo\bar the quoting can be "foo\bar".  But for a filename
such as foo\$bar the quoting must be "foo\\\$bar".

Prefer to avoid escaping backslashes if not necessary to be more
compatible with Windows paths.
@madscientist
Use raw strings where possible for readability.
cd2a8ac
@madscientist
Copy link
Author

madscientist commented Dec 4, 2020

Just to point out, we should probably provide an update to the README that mentions this portability concern for pathnames when talking to Windows servers and suggests a sanitizer function.

We could even provide a default sanitizer function for Windows servers so users could just choose that, if any of us feels sufficiently knowledgeable as to write one :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@madscientist @remram44