microsoft
diff --git a/‎Tasks/AzureFileCopyV1/AzureFileCopy.ps1‎
Lines changed: 1 addition & 0 deletions b/‎Tasks/AzureFileCopyV1/AzureFileCopy.ps1‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Tasks/AzureFileCopyV1/Strings/resources.resjson/en-US/resources.resjson‎
Lines changed: 2 additions & 1 deletion b/‎Tasks/AzureFileCopyV1/Strings/resources.resjson/en-US/resources.resjson‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎Tasks/AzureFileCopyV1/Tests/L0.ts‎
Lines changed: 3 additions & 0 deletions b/‎Tasks/AzureFileCopyV1/Tests/L0.ts‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎Tasks/AzureFileCopyV1/Tests/L0ValidateAdditionalArguments.ps1‎
Lines changed: 26 additions & 0 deletions b/‎Tasks/AzureFileCopyV1/Tests/L0ValidateAdditionalArguments.ps1‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎Tasks/AzureFileCopyV1/Tests/MockVariable.ps1‎
Lines changed: 0 additions & 1 deletion b/‎Tasks/AzureFileCopyV1/Tests/MockVariable.ps1‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎Tasks/AzureFileCopyV1/Utility.ps1‎
Lines changed: 8 additions & 0 deletions b/‎Tasks/AzureFileCopyV1/Utility.ps1‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎Tasks/AzureFileCopyV1/task.json‎
Lines changed: 3 additions & 2 deletions b/‎Tasks/AzureFileCopyV1/task.json‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎Tasks/AzureFileCopyV1/task.loc.json‎
Lines changed: 3 additions & 2 deletions b/‎Tasks/AzureFileCopyV1/task.loc.json‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎Tasks/AzureFileCopyV2/AzureFileCopy.ps1‎
Lines changed: 1 addition & 0 deletions b/‎Tasks/AzureFileCopyV2/AzureFileCopy.ps1‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Tasks/AzureFileCopyV2/Strings/resources.resjson/en-US/resources.resjson‎
Lines changed: 1 addition & 0 deletions b/‎Tasks/AzureFileCopyV2/Strings/resources.resjson/en-US/resources.resjson‎
Lines changed: 1 addition & 0 deletions
@@ -136,6 +136,7 @@ try {
     }
 
     Check-ContainerNameAndArgs -containerName $containerName -additionalArguments $additionalArguments
+    Validate-AdditionalArguments $additionalArguments
 
     # Uploading files to container
     Upload-FilesToAzureContainer -sourcePath $sourcePath -storageAccountName $storageAccount -containerName $containerName -blobPrefix $blobPrefix -blobStorageEndpoint $blobStorageEndpoint -storageKey $storageKey `
 
@@ -91,5 +91,6 @@
   "loc.messages.AFC_RootContainerAndDirectory": "'/S' option is not valid for $root containers.",
   "loc.messages.AFC_RedirectResponseInvalidStatusCode": "The HTTP response code: '{0}' is not a valid redirect status code",
   "loc.messages.AFC_RedirectResponseLocationHeaderIsNull": "Redirect response location header is null.",
-  "loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment."
+  "loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment.",
+  "loc.messages.AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "Additional arguments can't include separator characters '&', ';' and '|'. Please verify input. To learn more about argument validation, please check https://aka.ms/azdo-task-argument-validation"
 }
@@ -111,5 +111,8 @@ describe('AzureFileCopy Suite', function () {
         it('Validate AzureFileCopy.Utility Check-ContainerNameAndArgs', (done) => {
             psr.run(path.join(__dirname, 'L0CheckContainerNameAndArgs.ps1'), done);
         });
+        it('Validate AzureFileCopy.Utility Validate-AdditionalArguments', (done) => {
+            psr.run(path.join(__dirname, 'L0ValidateAdditionalArguments.ps1'), done);
+        });
     }   
 });
@@ -0,0 +1,26 @@
+[CmdletBinding()]
+param()
+
+. $PSScriptRoot\..\..\..\Tests\lib\Initialize-Test.ps1
+. $PSScriptRoot\..\Utility.ps1
+
+# Arrange
+
+$invalidAdditionalArgumentsWithSemicolon = "echo 123 ; start notepad.exe"
+$invalidAdditionalArgumentsWithAmpersand = "echo 123 & start notepad.exe"
+$invalidAdditionalArgumentsWithVerticalBar = "echo 123 | start notepad.exe"
+$additionalArgumentsValidationErrorMessage = "AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters *";
+
+# Assert
+
+Assert-Throws {
+   Validate-AdditionalArguments $invalidAdditionalArgumentsWithSemicolon
+} -Message $additionalArgumentsValidationErrorMessage
+
+Assert-Throws {
+    Validate-AdditionalArguments $invalidAdditionalArgumentsWithAmpersand
+ } -Message $additionalArgumentsValidationErrorMessage
+
+Assert-Throws {
+   Validate-AdditionalArguments $invalidAdditionalArgumentsWithVerticalBar
+} -Message $additionalArgumentsValidationErrorMessage
@@ -1,4 +1,3 @@
-
 $validInputSourcePath = Join-Path $env:windir "Source"
 $validInputAzureBlobDestinationType = "AzureBlob"
 $validInputAzureVmsDestinationType = "AzureVms"
 
@@ -1447,4 +1447,12 @@ function Check-ContainerNameAndArgs
     {
         Write-Warning (Get-vstsLocString -Key "AFC_RootContainerAndDirectory")
     }
+}
+
+function Validate-AdditionalArguments([string]$additionalArguments)
+{
+    if($additionalArguments -match "[&;|]")
+    {
+        ThrowError -errorMessage (Get-VstsLocString -Key "AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters")
+    }
 }
@@ -13,7 +13,7 @@
     "author": "Microsoft Corporation",
     "version": {
         "Major": 1,
-        "Minor": 219,
+        "Minor": 221,
         "Patch": 0
     },
     "demands": [
@@ -349,6 +349,7 @@
         "AFC_RootContainerAndDirectory": "'/S' option is not valid for $root containers.",
         "AFC_RedirectResponseInvalidStatusCode": "The HTTP response code: '{0}' is not a valid redirect status code",
         "AFC_RedirectResponseLocationHeaderIsNull": "Redirect response location header is null.",
-        "AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment."
+        "AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment.",
+        "AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "Additional arguments can't include separator characters '&', ';' and '|'. Please verify input. To learn more about argument validation, please check https://aka.ms/azdo-task-argument-validation"
     }
 }
@@ -13,7 +13,7 @@
   "author": "Microsoft Corporation",
   "version": {
     "Major": 1,
-    "Minor": 219,
+    "Minor": 221,
     "Patch": 0
   },
   "demands": [
@@ -349,6 +349,7 @@
     "AFC_RootContainerAndDirectory": "ms-resource:loc.messages.AFC_RootContainerAndDirectory",
     "AFC_RedirectResponseInvalidStatusCode": "ms-resource:loc.messages.AFC_RedirectResponseInvalidStatusCode",
     "AFC_RedirectResponseLocationHeaderIsNull": "ms-resource:loc.messages.AFC_RedirectResponseLocationHeaderIsNull",
-    "AFC_UninstallWinRMCustomScriptExtension": "ms-resource:loc.messages.AFC_UninstallWinRMCustomScriptExtension"
+    "AFC_UninstallWinRMCustomScriptExtension": "ms-resource:loc.messages.AFC_UninstallWinRMCustomScriptExtension",
+    "AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "ms-resource:loc.messages.AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters"
   }
 }
@@ -166,6 +166,7 @@ try {
     }
 
     Check-ContainerNameAndArgs -containerName $containerName -additionalArguments $additionalArgumentsForBlobCopy
+    Validate-AdditionalArguments $additionalArguments
 
     # Uploading files to container
     Upload-FilesToAzureContainer -sourcePath $sourcePath `
 
@@ -97,5 +97,6 @@
   "loc.messages.AFC_AzCopyBlobUploadNonZeroExitCode": "AzCopy.exe exited with non-zero exit code while uploading files to blob storage.",
   "loc.messages.AFC_PreexecutionJob_UnableToGetStorageKey": "Unable to fetch storage account key. Error: '{0}'",
   "loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment.",
+  "loc.messages.AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "Additional arguments can't include separator characters '&', ';' and '|'. Please verify input. To learn more about argument validation, please check https://aka.ms/azdo-task-argument-validation",
   "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired."
 }
Original file line number	Diff line number	Diff line change
`@@ -136,6 +136,7 @@ try {`
`136`	`136`	`}`
`137`	`137`
`138`	`138`	`Check-ContainerNameAndArgs -containerName $containerName -additionalArguments $additionalArguments`
	`139`	`+ Validate-AdditionalArguments $additionalArguments`
`139`	`140`
`140`	`141`	`# Uploading files to container`
`141`	`142`	Upload-FilesToAzureContainer -sourcePath $sourcePath -storageAccountName $storageAccount -containerName $containerName -blobPrefix $blobPrefix -blobStorageEndpoint $blobStorageEndpoint -storageKey $storageKey `
Original file line number	Diff line number	Diff line change
`@@ -91,5 +91,6 @@`
`91`	`91`	`"loc.messages.AFC_RootContainerAndDirectory": "'/S' option is not valid for $root containers.",`
`92`	`92`	`"loc.messages.AFC_RedirectResponseInvalidStatusCode": "The HTTP response code: '{0}' is not a valid redirect status code",`
`93`	`93`	`"loc.messages.AFC_RedirectResponseLocationHeaderIsNull": "Redirect response location header is null.",`
`94`		`- "loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment."`
	`94`	`+ "loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment.",`
	`95`	`+ "loc.messages.AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "Additional arguments can't include separator characters '&', ';' and '\|'. Please verify input. To learn more about argument validation, please check https://aka.ms/azdo-task-argument-validation"`
`95`	`96`	`}`
Original file line number	Diff line number	Diff line change
`@@ -111,5 +111,8 @@ describe('AzureFileCopy Suite', function () {`
`111`	`111`	`it('Validate AzureFileCopy.Utility Check-ContainerNameAndArgs', (done) => {`
`112`	`112`	`psr.run(path.join(__dirname, 'L0CheckContainerNameAndArgs.ps1'), done);`
`113`	`113`	`});`
	`114`	`+ it('Validate AzureFileCopy.Utility Validate-AdditionalArguments', (done) => {`
	`115`	`+ psr.run(path.join(__dirname, 'L0ValidateAdditionalArguments.ps1'), done);`
	`116`	`+ });`
`114`	`117`	`}`
`115`	`118`	`});`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-`
`2`	`1`	`$validInputSourcePath = Join-Path $env:windir "Source"`
`3`	`2`	`$validInputAzureBlobDestinationType = "AzureBlob"`
`4`	`3`	`$validInputAzureVmsDestinationType = "AzureVms"`
Original file line number	Diff line number	Diff line change
`@@ -1447,4 +1447,12 @@ function Check-ContainerNameAndArgs`
`1447`	`1447`	`{`
`1448`	`1448`	`Write-Warning (Get-vstsLocString -Key "AFC_RootContainerAndDirectory")`
`1449`	`1449`	`}`
	`1450`	`+}`
	`1451`	`+`
	`1452`	`+function Validate-AdditionalArguments([string]$additionalArguments)`
	`1453`	`+{`
	`1454`	`+ if($additionalArguments -match "[&;\|]")`
	`1455`	`+ {`
	`1456`	`+ ThrowError -errorMessage (Get-VstsLocString -Key "AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters")`
	`1457`	`+ }`
`1450`	`1458`	`}`
Original file line number	Diff line number	Diff line change
`@@ -166,6 +166,7 @@ try {`
`166`	`166`	`}`
`167`	`167`
`168`	`168`	`Check-ContainerNameAndArgs -containerName $containerName -additionalArguments $additionalArgumentsForBlobCopy`
	`169`	`+ Validate-AdditionalArguments $additionalArguments`
`169`	`170`
`170`	`171`	`# Uploading files to container`
`171`	`172`	Upload-FilesToAzureContainer -sourcePath $sourcePath `
Original file line number	Diff line number	Diff line change
`@@ -97,5 +97,6 @@`
`97`	`97`	`"loc.messages.AFC_AzCopyBlobUploadNonZeroExitCode": "AzCopy.exe exited with non-zero exit code while uploading files to blob storage.",`
`98`	`98`	`"loc.messages.AFC_PreexecutionJob_UnableToGetStorageKey": "Unable to fetch storage account key. Error: '{0}'",`
`99`	`99`	`"loc.messages.AFC_UninstallWinRMCustomScriptExtension": "Uninstall WinRM custom script manually and retry deployment.",`
	`100`	`+ "loc.messages.AFC_AdditionalArgumentsMustNotIncludeForbiddenCharacters": "Additional arguments can't include separator characters '&', ';' and '\|'. Please verify input. To learn more about argument validation, please check https://aka.ms/azdo-task-argument-validation",`
`100`	`101`	`"loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired."`
`101`	`102`	`}`