Invoke-Expression considered harmfulhttp://blogs.msdn.com/b/powershell/archive/2011/06/03/invoke-expression-considered-harmful.aspxThe PowerShell team frequently gets questions that start out &ldquo;how do I get the quoting right for&hellip;&rdquo; and the answer turns out to usually be &ndash; there is a simpler way &ndash; don&rsquo;t use Invoke-Expression. The problem arisesen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)re: Invoke-Expression considered harmfulhttp://blogs.msdn.com/b/powershell/archive/2011/06/03/invoke-expression-considered-harmful.aspx#10305715Wed, 16 May 2012 07:50:41 GMT91d46819-8472-40ad-a661-2c78acb4018c:10305715Sigh<p>I don&#39;t get it.</p> <p>People use it even when there&#39;s obviously no need to. This is what happens when you add do-not-use features to a programming language.</p> <p><a rel="nofollow" target="_new" href="http://blogs.msdn.com/b/oldnewthing/archive/2012/05/14/10304701.aspx#10305327">blogs.msdn.com/.../10304701.aspx</a></p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=10305715" width="1" height="1">re: Invoke-Expression considered harmfulhttp://blogs.msdn.com/b/powershell/archive/2011/06/03/invoke-expression-considered-harmful.aspx#10194680Thu, 11 Aug 2011 01:48:11 GMT91d46819-8472-40ad-a661-2c78acb4018c:10194680Rob Campbell<p>When the quoting on command arguments starts to get complicated, I usually just put the darned thing into a here-string and run that. Double qoted if I need to do substitution, single if not. &nbsp;It saves a lot of futzing around with escaping and quotes stacked two and sometimes 3 deep around arguments.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=10194680" width="1" height="1">re: Invoke-Expression considered harmfulhttp://blogs.msdn.com/b/powershell/archive/2011/06/03/invoke-expression-considered-harmful.aspx#10191740Mon, 01 Aug 2011 17:47:02 GMT91d46819-8472-40ad-a661-2c78acb4018c:10191740pamarths<p>Still it is not clear to me why invoke-expression is pron to code injections when compared to using invocation operator &#39;&amp;&#39;. Any example is appreciated.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=10191740" width="1" height="1">re: Invoke-Expression considered harmfulhttp://blogs.msdn.com/b/powershell/archive/2011/06/03/invoke-expression-considered-harmful.aspx#10187681Mon, 18 Jul 2011 22:33:33 GMT91d46819-8472-40ad-a661-2c78acb4018c:101876810ptikGhost<p>I blogged about this once too! <a rel="nofollow" target="_new" href="http://0ptikghost.blogspot.com/2011/02/executing-native-commands-in-powershell.html">0ptikghost.blogspot.com/.../executing-native-commands-in-powershell.html</a></p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=10187681" width="1" height="1">