From 6d459300a0868bf39f74535a8a1909292e21f782 Mon Sep 17 00:00:00 2001
From: Adam Tauber <asciimoo@gmail.com>
Date: Wed, 18 Oct 2017 23:35:31 +0200
Subject: [PATCH] [enh] add proper shell escaping

---
 wuzz.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/wuzz.go b/wuzz.go
index 84fee73..4308fe7 100644
--- a/wuzz.go
+++ b/wuzz.go
@@ -27,6 +27,7 @@ import (
 	"github.com/asciimoo/wuzz/config"
 	"github.com/asciimoo/wuzz/formatter"
 
+	"github.com/alessio/shellescape"
 	"github.com/jroimartin/gocui"
 	"github.com/mattn/go-runewidth"
 	"github.com/nsf/termbox-go"
@@ -1903,10 +1904,10 @@ func exportCurl(r Request) []byte {
 		if header == "" {
 			continue
 		}
-		headers = fmt.Sprintf("%s -H '%s'", headers, header)
+		headers = fmt.Sprintf("%s -H %s", headers, shellescape.Quote(header))
 	}
 	if r.GetParams != "" {
 		params = fmt.Sprintf("?%s", r.GetParams)
 	}
-	return []byte(fmt.Sprintf("curl %s -X %s -d '%s' %s%s\n", headers, r.Method, r.Data, r.Url, params))
+	return []byte(fmt.Sprintf("curl %s -X %s -d %s %s\n", headers, r.Method, shellescape.Quote(r.Data), shellescape.Quote(r.Url+params)))
 }