CommandLineBuilder.VerifyThrowNoEmbeddedDoubleQuotes Method (String, String)


Returns an error if the command line parameter contains a double-quote (") character. Because double quotes are illegal in command line parameters, this method helps prevent parameter injection attacks.

MSBuild is now included in Visual Studio instead of the .NET Framework. You can use MSBuild 12.0 side-by-side with versions previously deployed with the .NET Framework.For more information, see What's New in MSBuild 12.0.

Namespace:   Microsoft.Build.Utilities
Assembly:  Microsoft.Build.Utilities.Core (in Microsoft.Build.Utilities.Core.dll)

protected virtual void VerifyThrowNoEmbeddedDoubleQuotes(
	string switchName,
	string parameter


Type: System.String

A string representing the switch name for the error message.

Type: System.String

A string representing the switch parameter to scan for double-quotes.

VerifyThrowNoEmbeddedDoubleQuotes is a virtual method so that your applications can override this method if you want to allow double-quotes escaped in filenames.

Return to top