On 03/03/2021 09:31, Juan Manuel Macías wrote:
(start-process-shell-command "zathura" nil (concat "zathura "
clean-path
" -P "
pag
(when str
(format " -f
'%s' " str)))))))
Please, do not forget to pass stings coming from user input through shell-quote-argument. There is combine-and-quote-strings function but its docstring tells that it is not safe enough. Ideally shell should be completely avoided in such cases and arguments should be passed as a list directly to exec. https://xkcd.com/327/
