72 system config files. Note that these approaches can have unintended |
72 system config files. Note that these approaches can have unintended |
73 consequences, as the user and system config files often define things |
73 consequences, as the user and system config files often define things |
74 like the username and extensions that may be required to interface |
74 like the username and extensions that may be required to interface |
75 with a repository. |
75 with a repository. |
76 |
76 |
|
77 Command-line Flags |
|
78 ================== |
|
79 |
|
80 Mercurial's default command-line parser is designed for humans, and is not |
|
81 robust against malicious input. For instance, you can start a debugger by |
|
82 passing ``--debugger`` as an option value:: |
|
83 |
|
84 $ REV=--debugger sh -c 'hg log -r "$REV"' |
|
85 |
|
86 This happens because several command-line flags need to be scanned without |
|
87 using a concrete command table, which may be modified while loading repository |
|
88 settings and extensions. |
|
89 |
|
90 Since Mercurial 4.4.2, the parsing of such flags may be restricted by setting |
|
91 ``HGPLAIN=+strictflags``. When this feature is enabled, all early options |
|
92 (e.g. ``-R/--repository``, ``--cwd``, ``--config``) must be specified first |
|
93 amongst the other global options, and cannot be injected to an arbitrary |
|
94 location:: |
|
95 |
|
96 $ HGPLAIN=+strictflags hg -R "$REPO" log -r "$REV" |
|
97 |
|
98 In earlier Mercurial versions where ``+strictflags`` isn't available, you |
|
99 can mitigate the issue by concatenating an option value with its flag:: |
|
100 |
|
101 $ hg log -r"$REV" --keyword="$KEYWORD" |
|
102 |
77 Consuming Command Output |
103 Consuming Command Output |
78 ======================== |
104 ======================== |
79 |
105 |
80 It is common for machines to need to parse the output of Mercurial |
106 It is common for machines to need to parse the output of Mercurial |
81 commands for relevant data. This section describes the various |
107 commands for relevant data. This section describes the various |
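
Review bot: The early-option list at new line 92 is given only as examples (``-R/--repository``, ``--cwd``, ``--config``), while the injection shown at new line 84 uses ``--debugger``, so a reader cannot tell whether ``--debugger`` is one of the flags that ``+strictflags`` restricts. Suggest listing the full set of early options (or stating explicitly that ``--debugger`` is covered) and saying what hg does under ``+strictflags`` when an early option appears in a later position, for example whether it aborts or treats it as a plain value. The fallback at new line 101 would also read better with one sentence on why concatenation helps: ``-r"$REV"`` keeps the value attached to its flag, so it is not scanned as a separate option.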