On Sun, Jan 7, 2018 at 12:30 PM, Gregory P. Smith <greg at krypto.org> wrote:
> the best way to improve shell escaping on windows is to send a PR against
> the list2cmdline code that escapes everything you believe it should when
> running on windows. With hyperlinks to the relevant msdn info about what
> might need escaping.
>
Agreed. FWIW the call to list2cmdline seems to compound the problem, since
it just takes args and puts double quotes around it, mostly undoing the
work of list2cmdline. For example if I use (args=['a', 'b c'], shell=True)
I think list2cmdline turns that to args='a "b c"', and then the format()
expression constructs the command:
cmd.exe /c "a "b c""
I really have no idea what that means on Windows (and no quick access to a
Windows box to try it) but on Windows that would create *two* arguments,
the first one being 'a b' and the second one 'c'.
At this point I can understand that Christian recommends against shell=True
-- it's totally messed up! But the fix should really be to fix this, not
inventing a new feature.
--
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180107/e0eb4f6f/attachment.html>
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4