Incorrect stripping of leading quote in env var #230
Comments
willkg
added a commit
that referenced
this issue
Nov 6, 2023
This should support these cases more correctly:
```
KEY="'val'" -> {"KEY": "'val'"}
KEY="'val' something else" -> {"KEY": "'val' something else"}
```
willkg
added a commit
that referenced
this issue
Nov 6, 2023
This should support these cases more correctly:
```
KEY="'val'" -> {"KEY": "'val'"}
KEY="'val' something else" -> {"KEY": "'val' something else"}
```
willkg
added a commit
that referenced
this issue
Nov 6, 2023
This should support these cases more correctly:
```
KEY="'val'" -> {"KEY": "'val'"}
KEY="'val' something else" -> {"KEY": "'val' something else"}
```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I think I've uncovered a corner-case bug with quotes.
Specifically, if an env var string starts with a quote mark, that leading quote gets stripped.
It's not a common situation, but this came up when tinkering with CSP rules, which provides a reasonable example.
In my Python code, I'm parsing env vars with this setup:
My
.envfile has the following:CSP_SCRIPT_SRC="'self' www.googletagmanager.com"And the parsed value ends up being
self' www.googletagmanager.com-- which is invalid as a CSP rule because it needs to be'self'with quotesHowever, if I add a space between the opening " and ' in my
.envfile, the over-stripping doesn't occur:CSP_SCRIPT_SRC=" 'self' www.googletagmanager.com"Parsed value:
'self' www.googletagmanager.comThe text was updated successfully, but these errors were encountered: