How to escape ampersands, semicolons, and curly braces in command-line powershell params?

Question

I'm using a powershell script to generate a config file with database passwords and the like. The normal use of this script is to generate-and-use a password, but for a fleeting moment, I need to access a fellow developer's database, so I need to pass the password into the powershell script.

The problem is that the password is gibberish that includes ampersands, semicolons, and curly braces. How can I pass this into a command-line invocation of powershell? (This answer and this other answer are helpful, but doesn't help with the semicolons and curly braces.)

Here's what I've tried:

powershell .\makeConfig.ps1 -password "xxx<xxxx;xxxxx&x.xxxx}xx/xxx" -otherparam 3

Result: An error message: The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double quotation marks ("&") to pass it as part of a string.

powershell .\makeConfig.ps1 -password "xxx<xxxx;xxxxx`"&`"x.xxxx}xx/xxx" -otherparam 3

Result: Doing a write-host of the $password only gives the string up to the semicolon. Also, -otherparam has its default value rather than the value that I passed in to the command line.

powershell .\makeConfig.ps1 -password "xxx<xxxx`;xxxxx`"&`"x.xxxx}xx/xxx" -otherparam 3

Result: write-host $password now prints up to the first backtick before the quote. And yes, it outputs the backtick, which seems to show that everything is parsing all wrong. Oh, and one of the other functions called in the script threw an exception I haven't seen before (Exception calling "AcquireToken" with "4" argument(s): "authentication_canceled: User canceled authentication"), which suggests that the param parsing was completely hosed in a new and fascinating way. Here's what write-host $password produced:

xxx<xxxx;xxxxx`


powershell .\makeConfig.ps1 -password "xxx<xxxx`";`"xxxxx`"&`"x.xxxx}xx/xxx" -otherparam 3

Result: write-host $password now prints up to the first backtick before the quote. And the second parameter is in the default state. (i.e., same result as last time.) On the plus side, the exception thrown in the previous example didn't crop up.

So how do I pass in arbitrary ASCII strings to powershell string params from the Windows command line? Or at least, how do I escape semicolons, ampersands, and curly braces?

Answer 1

Use --%, the stop parsing token.

powershell .\makeConfig.ps1 -password --% xxx<xxxx;xxxxx&x.xxxx}xx/xxx -otherparam 3

Answer 2

I had the same issue passing a SAS token which consisted of a GET URI with ampersand query strings.

the """$sas""" worked for me - see below

az storage blob copy start `
    --destination-blob $destinationVHDFileName `
    --destination-container $storageContainerName `
    --account-name $storageAccountName `
    --account-key $storageAccountKey `
    --source-uri """$sas""" `
    --debug `
    --verbose

Answer 3

I'm running firebase using a powershell script. I solved the problem by using triple double-quotes like this: firebase deploy --token "$firebaseToken" --project "$firebaseProject" --message """$releaseMessage""". The URL is in the $releaseMessage, and the ampersand doesn't cause a problem anymore.

Answer 4

powershell .\makeConfig.ps1 -password "'xxx<xxxx;xxxxx&x.xxxx}xx/xxx'" -otherparam 3

Here

• outer " double quotes would escape all cmd poisonous characters e.g. <, & etc. excepting " itself and % percentage sign (and ! exclamation mark if delayed expansion is enabled) while
• inner ' apostrophes (single quotes) would escape all powershell ones (excepting ' apostrophe itself).

However, exceptions noticed above could be escaped as well… Based on both Escape characters, Delimiters and Quotes articles:

• in cmd and batch-file
• in powershell