* Build the full PowerShell script that parses a command. * The user command is Base64-encoded (UTF-8) and embedded in a variable * to prevent injection attacks.
(command: string)
| 685 | * to prevent injection attacks. |
| 686 | */ |
| 687 | function buildParseScript(command: string): string { |
| 688 | const encoded = |
| 689 | typeof Buffer !== 'undefined' |
| 690 | ? Buffer.from(command, 'utf8').toString('base64') |
| 691 | : btoa( |
| 692 | new TextEncoder() |
| 693 | .encode(command) |
| 694 | .reduce((s, b) => s + String.fromCharCode(b), ''), |
| 695 | ) |
| 696 | return `$EncodedCommand = '${encoded}'\n${PARSE_SCRIPT_BODY}` |
| 697 | } |
| 698 | |
| 699 | /** |
| 700 | * Ensure a value is an array. PowerShell 5.1's ConvertTo-Json may unwrap |
no test coverage detected