|
| From: | Max Nikulin |
| Subject: | Re: [tip] Create and Insert a public Nextcloud/Owncloud link |
| Date: | Sun, 9 Oct 2022 10:32:58 +0700 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 |
On 08/10/2022 21:29, Juan Manuel Macías wrote:
Many times I need to create and share a public link to a file in my local folder. In the Nextcloud forum I learned how it can be done from the command line using curl,
..
│ (result-raw (shell-command-to-string │ (concat "curl -u " │ "\"" │ my-username │ ":" │ my-passwd │ "\""
Juan Manuel, your function is a nice proof of concept, but posting such code you are responsible for users who may try to use it verbatim having less experience with elisp.
Use at least `shell-quote-argument' (though it docstring has a link to info "(elisp)Security Considerations"). Just adding quote characters is unsafe. You may avoid non-alphanumeric characters in passwords and file names for good reasons, but for other users a quote character may dramatically change the executed command.
When TRAMP support is not necessary, arguments should be passed to external binary as a list without intermediate shell command. I know, Emacs does not have a convenience function with such calling convention similar to `shell-command-to-string'.
I am almost sure that Emacs has a package to send HTTP POST requests directly from elisp. Unsure it has convenient enough API (reasonable default timeouts, etc.), but it should be safer for working with peculiar file names and passwords stuffed with characters having special meaning in shell. I admit that the code would be more verbose. It may save you time for recovering you system from damage caused by unexpected interpretation of a shell command.
| [Prev in Thread] | Current Thread | [Next in Thread] |