diff --git a/README.md b/README.md
index a09ca15..bee1424 100644
--- a/README.md
+++ b/README.md
@@ -96,7 +96,13 @@ Use White List instead of Black List. This setting will not create the "excluded
 **-ListPath**<br>
 Get Black/White List from external Path (**URL/UNC/Local/GPO**) - download/copy to Winget-AutoUpdate installation location if external list is newer.<br>
 **PATH** must end with a Directory, not a File...<br>
-...if the external Path is an **URL** and the web host doesn't respond with a date/time header for the file (i.e **GitHub**) then the file is always downloaded!
+...if the external Path is an **URL** and the web host doesn't respond with a date/time header for the file (i.e **GitHub**) then the file is always downloaded!<br>
+
+If the external Path is a Private Azure Container protected by a SAS token (**resourceURI?sasToken**), every special character should be escaped at installation time.<br>
+It doesn't work to call Powershell in **CMD** to install **WAU** with the parameter:<br>
+`-ListPath https://storagesample.blob.core.windows.net/sample-container?v=2023-11-31&sr=b&sig=39Up9jzHkxhUIhFEjEh9594DIxe6cIRCgOVOICGSP%3A377&sp=rcw`<br>
+Instead you must escape **every** special character (notice the `%` escape too) like:<br>
+`-ListPath https://storagesample.blob.core.windows.net/sample-container^?v=2023-11-31^&sr=b^&sig=39Up9jzHkxhUIhFEjEh9594DIxe6cIRCgOVOICGSP%%3A377^&sp=rcw`
 
 If `-ListPath` is set to **GPO** the Black/White List can be managed from within the GPO itself under **Application GPO Blacklist**/**Application GPO Whitelist**. Thanks to [Weatherlights](https://github.com/Weatherlights) in [#256 (reply in thread)](https://github.com/Romanitho/Winget-AutoUpdate/discussions/256#discussioncomment-4710599)!
 
diff --git a/Sources/WAU/Winget-AutoUpdate/functions/Test-ListPath.ps1 b/Sources/WAU/Winget-AutoUpdate/functions/Test-ListPath.ps1
index 2ec3d7b..f49c881 100644
--- a/Sources/WAU/Winget-AutoUpdate/functions/Test-ListPath.ps1
+++ b/Sources/WAU/Winget-AutoUpdate/functions/Test-ListPath.ps1
@@ -21,6 +21,22 @@ function Test-ListPath ($ListPath, $UseWhiteList, $WingetUpdatePath) {
     # If path is URL
     if ($ListPath -like "http*") {
         $ExternalList = -join ($ListPath, "/", $ListType)
+
+        # Test if $ListPath contains the character "?" (testing for SAS token)
+        if ($Listpath -match "\?") {
+            # Split the URL into two strings at the "?" substring
+            $splitPath = $ListPath.Split("`?")
+
+            # Assign the first string (up to "?") to the variable $resourceURI
+            $resourceURI = $splitPath[0]
+
+            # Assign the second string (after "?" to the end) to the variable $sasToken
+            $sasToken = $splitPath[1]
+            
+            # Join the parts and add "/$ListType?" in between the parts
+            $ExternalList = -join ($resourceURI, "/$ListType`?", $sasToken)
+        }
+
         $wc = New-Object System.Net.WebClient
         try {
             $wc.OpenRead("$ExternalList").Close() | Out-Null