Custom command incorrectly marks script arguments as invalid
cldrn opened this issue · comments
Paulino Calderon commented
A valid command was marked as invalid. The regex in charge of validation needs to be fixed. Maybe tokenize and parse to validate the command instead of depending on one regex.
Paulino Calderon commented
Please share any valid commands flagged as invalid.
Paulino Calderon commented
It seems the command marked as invalid had ';' inside a script argument. This is a known malicious character so our only real solution is build that tokenized parser for arguments.