I'll try to explain the problem and why have a fully encoded version of the expansions might be useful.
Let's say i have a remote path on Linux like this, it has both single and double quotes in the path.
/home/username/They she w/¬`!"£$%^&*()_+-={}~[]#:@;'<>?,.|\/Kispál és a Borz - 02 - Tökéletes Helyettes
Or a password like this:
¬`¦!"£$%^&*()_+-={}~[]#:@;'<>?,./|\
Or a local path like this:
F:\downloads\One the twar\¬`!£$%^&()_+-={}~[]#@;',\New folder
When
"!/" is used with the above remote path I cannot pass this onto anther program as the double quotes cause a conflict. WinSCP will behave differently with this URL. for example, using my custom command via an extension -
https://github.com/userdocs/LFTP4WIN-CORE/blob/master/system/applications/winscp/winscp_lftp.WinSCPextension.sh
I can use this URL if i do not wrap the expansion in a double quote. WinSCP seems to escape this automatically but does not expand the result surrounded by quotes.
"%EXTENSION_PATH%" "!U" "!@" "!#" "!S" !/ "!\" "!P"
Will return this result ( with no double quotes at the start or end)
/home/username/They she w/¬`!"£$%^&*()_+-={}~[]#:@;'<>?,.|\/Kispál és a Borz - 02 - Tökéletes Helyettes
But if i now try this same unquoted expansion with a more basic path:
/home/username/They she w/
Whatever checks WinSCP has in place to escape the complex URL seems to miss this and i get result like this with no double quotes surrounded the result:
Where as this quoted command will return the correct simple path but break the complex path:
"%EXTENSION_PATH%" "!U" "!@" "!#" "!S" "!/" "!\" "!P"
You see the result is wrapped in double quotes:
"/home/username/They she w/"
So whilst this may highlight a potential bug in how and when WinSCP escapes what it really shows is how the solution is to provide an encoded version, for example.
With a password like this:
¬`¦!"£$%^&*()_+-={}~[]#:@;'<>?,./|\
I simply cannot pass this to bash in any way using this command as the expansion of
!P breaks the script by having double quotes and the last character technically escaping any other quotes once expanded when using this command format.
"%EXTENSION_PATH%" "!U" "!@" "!#" "!S" "!/" "!\" "!P"
But if i do this instead to get the password from the session URL, where
$4 is
!S:
password="$(echo -e $(echo $(echo "$4" | cut -f3 -d":" | cut -f1 -d";") | sed 's/%/\\x/g'))"
I can now pass on and reuse the password in anyway i need and only decode it as and when required without any real problems.
Conclusion:
If WinSCP could provide a URL encoded or base64 encoded version of the key expansions:
"!U" "!@" "!#" "!S" "!/" "!\" "!P"
These could easily be passed to bash or other third party application without having any double quote, single quote or backslash expansion conflicts and allow proper re-use of the variables by having them decoded locally for reuse as and when needed.
I hope this explains the problem i have experienced.
