Container does not start if certain characters are used in environment variables #205
Description
Steps to reproduce:
docker run -p8000:80 -e TEST="%18" mcr.microsoft.com/windows/servercore/iis
Expected result:
The container starts and has an environment variable "TEST" with value "%18"
Actual result:
The container stops after showing the following output:
Stopping service 'w3svc'
Service 'w3svc' has been stopped
APPCMD failed with error code -1072894421
Failed to update IIS configuration
Diagnosis
The way environment variables are provided to the application running in the container is by adding them to the applicationHost config using appcmd.exe as following:
C:\Windows\system32\inetsrv\appcmd.exe set config -section:system.applicationHost/applicationPools /+"[name='DefaultAppPool'].environmentVariables.[name='TEST',value='%18']" /commit:apphost
Somewhere the value %18 is interpreted as escaped character 18, which is a control character that is not valid in XML. When using %64 for example, we get 'd' as the value for the environment variable, which is arguably worse than the container crashing.
Suggested fix
The decoding happens in appcmd.exe as I have been able to reproduce the same problem locally when using the appcmd command in a local environment, it may or may not be intended behavior. The process that sends the environment variable commands to appcmd however is the iis servicemonitor, and it could escape the % character as %25 (the hex code for %).
I am not sure about the side effects of such a fix, but have been running it in production for almost four years now without issues,
PR available:
microsoft/IIS.ServiceMonitor#72