Download
Browse source Changelog
Documentation
Project   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Etiquette
Development
Autobuilds Code Style Contribute Internals Release Notes Release Procedure Roadmap Run Tests Security Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-users / Single Mail

curl-users

Re: Windows cURL JSON POST sysntax

From: Ray Satiro via curl-users <curl-users_at_cool.haxx.se>
Date: Fri, 30 Dec 2016 18:25:11 -0500

On 12/29/2016 6:44 PM, Jeremy Nicoll wrote:
> On Thu, 29 Dec 2016, at 23:20, Ray Satiro via curl-users wrote:
>
>> In the Windows command shell you have to use outer double quotes for the
>> string and escape any inner double quotes, for example
>>
>> curl -H "Content-Type: application/json" -d "{\"recipients\":
>> [\"1234567890\"],\"message\": \"Hello World\"}"http://foo
> Backslash isn't (or at least didn't use to be) an escape character for
> the cmd.exe
> command shell. Unless... is it one of those things that one has to
> turn on or off
> when starting the shell itself (see 'help cmd' for that)?
>
> Or are you using eg PowerShell, which I know nothing about?
>
>
>> It may be easier for you to put it in a file, for example
>>
>> curl -H "Content-Type: application/json" --data-binary @filename
>> http://foo
> That strikes me as a better way to do something like this, even if (if
> the curl command
> is being issued by a script) you have to create the file from within the
> script. At least
> that way you can be sure that curl actually sees the same file contents
> as are actually
> in the file, without shell processing getting in the way.

I don't think carets should work to escape in a quoted string if all the
arguments are quoted properly. You can mostly use a backslash to escape
inner quotes but there are some cases where it can cause other problems
[1], and so you could double up the double quotes instead but that can
also cause problems.

To experiment with those problems I made a small C program [2] that
prints out its arguments. From what I can see doubling or tripling up a
double-quote to escape it makes things worse and not better. In
particular I don't see any good solution to the SO guy's sample problem:

foo.exe "3\" of snow" "& ver."

You could escape the ^& but the only reason you have to do that in the
first place is to work around the buggy command shell parser, and if you
didn't have an earlier escaped quote then the parser would pass on the ^.

I'm kind of drifting out of the scope of this mailing list, but suffice
to say yeah I agree it's better to put it in a file if it's some dynamic
content and you can't be sure how it will be interpreted.

[1]: http://stackoverflow.com/a/31413730
[2]: https://gist.github.com/jay/19aba48653bd591cf4b90eb9249a302c

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-users
FAQ: https://curl.haxx.se/docs/faq.html
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-12-31