Forum » Support and Bug Reports »

Session code generator for PowerShell outputs un-escaped dollar signs in double quoted literals

Advertisement

floppymaster
Joined:
Posts:
3

Session code generator for PowerShell outputs un-escaped dollar signs in double quoted literals

The Powershell code generator encapsulates string literals in double quotes. If any of the values contain a dollar sign, Powershell will interpret this as a variable reference.

For example: 

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Sftp
    HostName = "ftp.example.com"
    UserName = "myuser"
    Password = "pa$sword" # Accidental reference to '$sword' variable
    SshHostKeyFingerprint = "ssh-rsa 2048 0b:1e:4b:29:43:7e:a3:aa:f4:6b:fe:50:cb:32:f8:35"
}

An easy solution would be to use single quotes instead. 

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Sftp
    HostName = 'ftp.example.com'
    UserName = 'myuser'
    Password = 'pa$sword'
    SshHostKeyFingerprint = 'ssh-rsa 2048 0b:1e:4b:29:43:7e:a3:aa:f4:6b:fe:50:cb:32:f8:35'
}

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
40,567
Location:
Prague, Czechia

Re: Session code generator for PowerShell outputs un-escaped dollar signs in double quoted literals

Thanks. Will look into this.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
40,567
Location:
Prague, Czechia

Re: Session code generator for PowerShell outputs un-escaped dollar signs in double quoted literals

This bug has been added to the tracker:
https://winscp.net/tracker/1590

I'm sending you an email with a development version of WinSCP to the address you have used to register on this forum.

Reply with quote

Advertisement

You can post new topics in this forum

Documentation

Support

Associations

Follow Us