共用方式為


CommandLineBuilder.VerifyThrowNoEmbeddedDoubleQuotes Method

Returns an error if the command line parameter contains a double-quote (") character. Because double quotes are illegal in command line parameters, this method helps prevent parameter injection attacks.

MSBuild is now included in Visual Studio instead of the .NET Framework. You can use MSBuild 12.0 side-by-side with versions previously deployed with the .NET Framework.For more information, see What's New in MSBuild 12.0.

Namespace:  Microsoft.Build.Utilities
Assembly:  Microsoft.Build.Utilities.Core (in Microsoft.Build.Utilities.Core.dll)

Syntax

'Declaration
Protected Overridable Sub VerifyThrowNoEmbeddedDoubleQuotes ( _
    switchName As String, _
    parameter As String _
)
protected virtual void VerifyThrowNoEmbeddedDoubleQuotes(
    string switchName,
    string parameter
)
protected:
virtual void VerifyThrowNoEmbeddedDoubleQuotes(
    String^ switchName, 
    String^ parameter
)
abstract VerifyThrowNoEmbeddedDoubleQuotes : 
        switchName:string * 
        parameter:string -> unit  
override VerifyThrowNoEmbeddedDoubleQuotes : 
        switchName:string * 
        parameter:string -> unit
protected function VerifyThrowNoEmbeddedDoubleQuotes(
    switchName : String, 
    parameter : String
)

Parameters

  • switchName
    Type: System.String

    A string representing the switch name for the error message.

  • parameter
    Type: System.String

    A string representing the switch parameter to scan for double-quotes.

Remarks

VerifyThrowNoEmbeddedDoubleQuotes is a virtual method so that your applications can override this method if you want to allow double-quotes escaped in filenames.

.NET Framework Security

See Also

Reference

CommandLineBuilder Class

Microsoft.Build.Utilities Namespace