[
https://issues.apache.org/jira/browse/EXEC-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12910079#action_12910079
]
Sebb commented on EXEC-39:
--------------------------
It should just be sufficient to enclose an unsafe parameter in single-quotes.
Any embedded quotes should be escaped with a back-slash.
> StringUtils quoting problems
> ----------------------------
>
> Key: EXEC-39
> URL: https://issues.apache.org/jira/browse/EXEC-39
> Project: Commons Exec
> Issue Type: Bug
> Affects Versions: 1.0
> Reporter: Sebb
> Assignee: Siegfried Goeschl
> Fix For: 1.1
>
>
> There are various problems in the StringUtils class:
> isQuoted() - does not check that arguments have the same opening and closing
> quotes. This may be a rare case, but it's trivial to fix. There are no test
> cases for the method.
> quoteArgument()
> - does not work properly on Windows, which only treats double-quote as a
> quoting character; it should not fail if a Windows argument contains
> single-quotes, as they are not special.
> - does not quote special Unix characters either
> stringSubstitution() does not document what the characters can constitute a
> key.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
