CommandLineBuilder.VerifyThrowNoEmbeddedDoubleQuotes Method
Returns an error if the command line parameter contains a double-quote (") character. Because double quotes are illegal in command line parameters, this method helps prevent parameter injection attacks.
MSBuild is now included in Visual Studio instead of the .NET Framework. You can use MSBuild 12.0 side-by-side with versions previously deployed with the .NET Framework.For more information, see What's New in MSBuild 12.0.
Namespace: Microsoft.Build.Utilities
Assembly: Microsoft.Build.Utilities.Core (in Microsoft.Build.Utilities.Core.dll)
Syntax
'Declaration
Protected Overridable Sub VerifyThrowNoEmbeddedDoubleQuotes ( _
switchName As String, _
parameter As String _
)
protected virtual void VerifyThrowNoEmbeddedDoubleQuotes(
string switchName,
string parameter
)
protected:
virtual void VerifyThrowNoEmbeddedDoubleQuotes(
String^ switchName,
String^ parameter
)
abstract VerifyThrowNoEmbeddedDoubleQuotes :
switchName:string *
parameter:string -> unit
override VerifyThrowNoEmbeddedDoubleQuotes :
switchName:string *
parameter:string -> unit
protected function VerifyThrowNoEmbeddedDoubleQuotes(
switchName : String,
parameter : String
)
Parameters
switchName
Type: System.StringA string representing the switch name for the error message.
parameter
Type: System.StringA string representing the switch parameter to scan for double-quotes.
Remarks
VerifyThrowNoEmbeddedDoubleQuotes is a virtual method so that your applications can override this method if you want to allow double-quotes escaped in filenames.
.NET Framework Security
- Full trust for the immediate caller. This member cannot be used by partially trusted code. For more information, see dd66cd4c-b087-415f-9c3e-94e3a1835f74.