Index: openacs-4/packages/acs-tcl/tcl/http-client-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/http-client-procs.tcl,v
diff -u -N -r1.1.2.11 -r1.1.2.12
--- openacs-4/packages/acs-tcl/tcl/http-client-procs.tcl	12 Aug 2014 17:17:21 -0000	1.1.2.11
+++ openacs-4/packages/acs-tcl/tcl/http-client-procs.tcl	27 Nov 2014 15:01:19 -0000	1.1.2.12
@@ -1115,7 +1115,14 @@
         lappend cmd --compressed
     }
     
-    lappend cmd --data-binary $body
+    # Unfortunately, as we are interacting with a shell, there 
+    # is no way to escape content in an easy and safe way. We 
+    # just spool body content to a file and let it be read by curl.
+    set data_binary_tmpfile [ns_tmpnam]
+    set wfd [open $data_binary_tmpfile w]
+    puts -nonewline $wfd $body
+    close $wfd
+    lappend cmd --data-binary "@${data_binary_tmpfile}"
     
     # Return response code toghether with webpage
     lappend cmd -w " %\{http_code\}"
@@ -1148,7 +1155,6 @@
         ns_set put $resp_headers $key $value
     }
     close $rfd
-    file delete $resp_headers_tmpfile
     
     # Get values from response headers, then remove them
     set content_type     [ns_set iget $resp_headers content-type]
@@ -1168,6 +1174,10 @@
         set page [encoding convertfrom $enc $page]
     }
     
+    # Delete temp files
+    file delete $resp_headers_tmpfile
+    file delete $data_binary_tmpfile
+    
     return [list \
                 page     $page \
                 file     $spool_file \