You could try to use instead :

您可以尝试改用：

osascript -e "display notification \"$var2\""

Or :

或者 ：

osascript -e 'display notification "'"$var2"'"'

This fixes the problem of manipulation of variables that contains spaces in bash. However, this solution doesn't protect against injections of osascript code. So it would be better to choose one of Charles Duffy's solutionsor to use bashparameter expansion :

这解决了在 bash 中操作包含空格的变量的问题。但是，此解决方案不能防止注入 osascript 代码。所以最好选择Charles Duffy 的解决方案之一或使用bash参数扩展：

# if you prefer escape the doubles quotes
osascript -e "display notification \"${var2//\"/\\"}\""
# or
osascript -e 'display notification "'"${var2//\"/\\"}"'"'

# if you prefer to remove the doubles quotes
osascript -e "display notification \"${var2//\"/}\""
# or
osascript -e 'display notification "'"${var2//\"/}"'"'

Thank to mklement0 for this very useful suggestion !

感谢 mklement0 这个非常有用的建议！

This version is completely safe against injection attacks, unlike variants trying to use string concatenation.

与尝试使用字符串连接的变体不同，此版本对于注入攻击是完全安全的。

osascript \
  -e "on run(argv)" \
  -e "return display notification item 1 of argv" \
  -e "end" \
  -- "$var2"

...or, if one preferred to pass code in on stdin rather than argv:

...或者，如果人们更喜欢在 stdin 而不是 argv 上传递代码：

osascript -- - "$var2" <<'EOF'
  on run(argv)
    return display notification item 1 of argv
  end
EOF