如何安全地读取 PowerShell .PSD1 文件 [英] How to read PowerShell .PSD1 files safely
问题描述
PowerShell 模块清单文件格式 (.psd1) 本质上是具有某些预期键的哈希表文字.这是 PowerShell 脚本的配置文件的理想选择.我最终想要做的是读取一个 .psd1 文件,其中包含一组特定于脚本的键.
The PowerShell module manifest file format (.psd1) is essentially a Hashtable literal with certain keys expected. This is ideal for a configuration file for a PowerShell script. What I ultimately want to do is read a .psd1 file that contains a set of keys specific to the script.
例如(MyScriptConfig.psd1):
For example (MyScriptConfig.psd1):
@{
FTPHost = "ftp.blah.com"
FTPUserName = "blah"
FTPPassword = "blah"
}
我没有理由不能将 XML、INI、JSON 或其他任何信息用于此信息,但我宁愿它使用与 PowerShell 的模块清单相同的基本数据格式.
There's no reason I can't use XML, INI, JSON or whatever for this information, but I'd rather it use the same basic data format as PowerShell's module manifests.
显然,最简单的方法是读取文本并将其传递给 Invoke-Expression
,后者将返回一个 Hashtable,但随后它会调用文件中的任何内容,这很容易出错并且可能不安全.
Obviously the easiest thing would be to read the text and pass it to Invoke-Expression
which would return a Hashtable, but then it would invoke anything that's in the file, which is error prone and potentially unsafe.
我以为我记得使用 PowerShell cmdlet 的安全"子集读取这些数据的 cmdlet,但我想到了 ConvertFrom-StringData
和 DATA
部分,两者都没有其中让我读取包含 Hashtable 文字的任意文件.
I thought I recalled a cmdlet for reading this data using a "safe" subset of PowerShell cmdlets, but I was thinking of ConvertFrom-StringData
and DATA
sections, neither of which let me read an arbitrary file containing a Hashtable literal.
PowerShell 中是否有内置功能可以让我执行此操作?如果没有内置任何东西,那么我可能会使用 ConvertFrom-StringData
走 JSON 或 Key=Value 的路线.
Is there something built into PowerShell that lets me do this? If there's nothing built in, then I would probably go the route of JSON or Key=Value with ConvertFrom-StringData
.
推荐答案
Powershell 版本 5 添加了 Cmdlet Import-PowershellDataFile 用于安全解析 PSD1 文件.
Powershell version 5 added the Cmdlet Import-PowershellDataFile for safely parsing PSD1 files.
在第 5 版之前,至少有三种解决方案:
Prior to version 5, there were at least three solutions:
Cmdlet 导入本地化数据.虽然用于处理语言文件,但可以读取任何 PSD1 格式的文件.
The Cmdlet Import-LocalizedData. Which, though intended for processing language files, will read any PSD1 formatted file.
# Create a test PSD1 file
@'
@{
a1 = 'a1'
a2 = 2
a3 = @{
b1 = 'b1'
}
}
'@ | Set-Content -Path .path\example.psd1
# Read the file
Import-LocalizedData -BaseDirectory .\path -FileName example.psd1 -BindingVariable Data
# Use the data
$Data.a1
$Data.a3.b1
也可以使用 数据部分(内联排序违背了目的).
It is also possible to process in-line data with a Data Section (in-line sort of defeats the purpose).
# Safely parse data
$Data2 = DATA {
@{
a1 = 'a1'
a2 = 2
a3 = @{
b1 = 'b1'
}
}
}
# Use the data
$Data2.a1
$Data2.a3.b1
第三个是@Jakub Berezanski 提到的 PowerShell DSC 参数转换属性.
这篇关于如何安全地读取 PowerShell .PSD1 文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!