That is true. list2cmdline escapes partially, but on NT and Windows10, the "^" must also be escaped, but is not. The "|" pipe symbol must also be escaped by "^", as many others as well.
The effect was that passing a rexexp as parameter to a windows program
gave me strange effects, and I recognized that "^" was missing.
So I was asking for a coherent solution:
Escape things completely or omit "shell=True".
Yes, there is a list of chars to escape, and it is Windows version
dependent. I can provide it if it makes sense.
Cheers -- Chris
On 07.01.18 18:20, Guido van Rossum wrote:
> I assume you're talking about list2cmdline()? That seems to be used to
> construct a string that can be passed to `cmd /c "{}"` -- it gets
> substituted instead of the {}, i.e. surrounded by ". I honestly can't
> say I follow that code completely, but I see that it escapes double
> quotes. Why is there a need to escape other characters? Is there a
> definitive list of special characters somewhere?
>
> On Sun, Jan 7, 2018 at 8:17 AM, Christian Tismer <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hi Guys,
>
> yes I know there was a lengthy thread on python-dev in 2014
> called "subprocess shell=True on Windows doesn't escape ^ character".
>
> But in the end, I still don't understand why subprocess does
> escape the double quote when shell=True but not other special
> characters like "^"?
>
> Yes I know that certain characters are escaped under certain
> Windows versions and others are not. And it is not trivial to make
> that work correctly in all cases. But I think if we support
> some escaping at all, then we should also support all special
> cases. Or what sense should an escape make if it works sometimes
> and sometimes not?
>
> The user would have to know which cases work and which not. But
> I thought we want to remove exactly that burden from him?
>
> -----
>
> As a side note: In most cases where shell=True is found, people
> seem to need evaluation of the PATH variable. To my understanding,
>
> >>> from subprocess import call
> >>> call(("ls",))
>
> works in Linux, but (with dir) not in Windows. But that is misleading
> because "dir" is a builtin command but "ls" is not. The same holds for
> "del" (Windows) and "rm" (Linux).
>
> So I thought that using shell=True was a good Thing on windows,
> but actually it is the start of all evil.
> Using regular commands like "git" works fine on Windows and Linux
> without the shell=True parameter.
>
> Perhaps it would be a good thing to emulate the builtin programs
> in python by some shell=True replacement (emulate_shell=True?)
> to match the normal user expectations without using the shell?
>
> Cheers - Chris
>
> --
> Christian Tismer-Sperling :^) [email protected]
> <mailto:[email protected]>
> Software Consulting : http://www.stackless.com/
> Karl-Liebknecht-Str <http://www.stackless.com/ Karl-Liebknecht-Str>.
> 121 : https://github.com/PySide
> 14482 Potsdam : GPG key -> 0xFB7BEE0E
> phone +49 173 24 18 776 <tel:%2B49%20173%2024%2018%20776> fax +49
> (30) 700143-0023 <tel:%2B49%20%2830%29%20700143-0023>
>
>
> _______________________________________________
> Python-Dev mailing list
> [email protected] <mailto:[email protected]>
> https://mail.python.org/mailman/listinfo/python-dev
> <https://mail.python.org/mailman/listinfo/python-dev>
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/guido%40python.org
> <https://mail.python.org/mailman/options/python-dev/guido%40python.org>
>
>
>
>
> --
> --Guido van Rossum (python.org/~guido <http://python.org/~guido>)
--
Christian Tismer-Sperling :^) [email protected]
Software Consulting : http://www.stackless.com/
Karl-Liebknecht-Str. 121 : https://github.com/PySide
14482 Potsdam : GPG key -> 0xFB7BEE0E
phone +49 173 24 18 776 fax +49 (30) 700143-0023
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Python-Dev mailing list [email protected] https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
