--- name: feedback_windows_quote_stripping description: On Windows, embedded double-quotes in command args get stripped/mangled twice over — by PowerShell-invoked curl.exe (CommandLineToArgvW) and by the GuruRMM cmd shell layer. Build quoted args without literal embedded double-quotes. metadata: type: feedback --- On Windows, **embedded double-quotes inside a command argument get silently stripped or mangled** at two separate layers we hit repeatedly. The body of the arg survives; the `"` characters vanish, so the receiving program sees broken syntax (an undefined constant, a usage dump, a parse error) — never a clean error that points at quoting. Two confirmed failure layers: - **`curl.exe` invoked from PowerShell** — Windows re-parses the process command line via `CommandLineToArgvW`, which eats the inner `"` in `--data-urlencode 'x="y"'`. A pfSense `diag_command.php` PHP body became `echo PHPRUNS-OK` -> `echo PHPRUNS` -> "Undefined constant" (cost ~4 wasted RMM round-trips). (Howard, 2026-06-16.) - **GuruRMM `command_type:shell` (cmd.exe) layer** — `shutdown /r /t 60 /c "comment"` had its `"comment"` quotes mangled through the agent's cmd layer; shutdown rejected the args and dumped usage. Fix was to drop `/c` entirely. (2026-06-16.) **Why:** It's the same root cause both times — Windows command-line re-tokenization (`CommandLineToArgvW`) strips a layer of double-quotes that a Unix shell would have preserved. PowerShell -> native exe, and RMM -> cmd.exe, each add a re-parse. **How to apply:** - Don't put **literal embedded double-quotes** inside an arg you pass through PowerShell->curl.exe or RMM->cmd. Prefer single-quotes for the outer payload and construct any needed `"` from `[char]34` (PowerShell) — keep the command on one line. - For JSON request bodies, use a **single-quoted heredoc** (`<<'JSON'`) with `--data-binary @-` (per the Syncro/RMM skill rules) — that bypasses command-line re-parsing entirely. This is the reliable path. - If an arg with quotes is unavoidable, **drop the quoted part** (as with `shutdown /c`) or move the value into a file/variable the program reads itself. - Distinct-but-adjacent gotchas: non-ASCII chars in payload text also break on Windows/Git-bash (see [[feedback_ascii_only_api_payloads]]); `/tmp` resolves differently between Write and Git-bash (see [[feedback_tmp_path_windows]]); PowerShell variable names are case-insensitive (see the errorlog `$gUid`/`$guid` incident).