On Sun, Jan 7, 2018 at 12:30 PM, Gregory P. Smith <g...@krypto.org> wrote:
> the best way to improve shell escaping on windows is to send a PR against
> the list2cmdline code that escapes everything you believe it should when
> running on windows. With hyperlinks to the relevant msdn info about what
> might need escaping.
>
Agreed. FWIW the call to list2cmdline seems to compound the problem, since
it just takes args and puts double quotes around it, mostly undoing the
work of list2cmdline. For example if I use (args=['a', 'b c'], shell=True)
I think list2cmdline turns that to args='a "b c"', and then the format()
expression constructs the command:
cmd.exe /c "a "b c""
I really have no idea what that means on Windows (and no quick access to a
Windows box to try it) but on Windows that would create *two* arguments,
the first one being 'a b' and the second one 'c'.
At this point I can understand that Christian recommends against shell=True
-- it's totally messed up! But the fix should really be to fix this, not
inventing a new feature.
--
--Guido van Rossum (python.org/~guido)
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
