Sanitizing read entry in Bash

Question

I have a script which prompts for user credentials in order to phrase a curl command. The issue I am having is if the password has a special character it can mess up the curl command.

example code:

curl -k -o ~/Desktop/output.txt https://$name:$password@'server.example.com/serverpage.asp?action=MakeList&User='$enduser

example inputs

name:test

password:P@55w0rd!

output:

curl: (6) Could not resolve host: 55w0rd!@server.example.com; nodename nor servname provided, or not known

I understand that the curl command is hitting the "@" in the password and trying to connect to 55w0rd!@server.example.com in stead of server.example.com.

How do I "sanitize" the input to escape special characters?

Thank you!

Answer 1

Try to use the "-u" parameter for curl. On the other hand try to use " for start and end the parameters and finally use ${varname} format to access to variables to prevent bash escaping problems.

curl -k -u "${name}:${password}" -o "~/Desktop/output.txt" "https://server.example.com/serverpage.asp?action=MakeList&User=${enduser}"

Answer 2

curl -k -o ~/Desktop/output.txt "https://${name}:${password}@server.example.com/serverpage.asp?action=MakeList&User=${enduser}"

Answer 3

You want to urlencode your password (Pp%340ssword!). AFAIK there is no simple way to do it in bash, this previous thread has some suggestions involving Perl etc. Testing or looking at the curl source might reveal that just replacing @ with %40 is sufficient, I haven't tried for the general case.