Skip to content

Commit

Permalink
feat: workaround missing string sanitization in .NET Core
Browse files Browse the repository at this point in the history 
this version is finally working

fixes issues with lack of HTTP header sanitization in .NET Core, see:
- NixOS/nixpkgs#315574
- microsoftgraph/msgraph-cli#477

Signed-off-by: Krzysztof Nazarewski <[email protected]>
  • Loading branch information
@nazarewk
nazarewk committed May 29, 2024
1 parent bec9cdc commit 5a76297
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 1 deletion.
19 changes: 19 additions & 0 deletions modules/ascii-workaround.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
/* Last reviewied: 2024-05-29
fixes issues with lack of HTTP header sanitization in .NET Core, see:
- https://github.com/NixOS/nixpkgs/issues/315574
- https://github.com/microsoftgraph/msgraph-cli/issues/477
*/
{ lib, options, ... }: {
/*
using just `readOnly` because it can contain neither of: default, example, description, apply, type
see https://github.com/NixOS/nixpkgs/blob/aae38d0d557d2f0e65b2ea8e1b92219f2c0ea8f9/lib/modules.nix#L752-L756
*/
options.system.nixos.codeName = lib.mkOption { readOnly = false; };

This comment has been minimized.

Sign in to view

Copy link
@Lillecarl

Lillecarl May 30, 2024

Nice, didn't know you can override options like that. Do you know the evaluation order here? Are "my modules options" evaluated last? (Or do they have priorities too?)

This comment has been minimized.

Sign in to view

Copy link
@nazarewk

nazarewk May 31, 2024

Author Member

no idea, I reached it from an idea on Matrix with a lot of trial and error: well over 10 attempts by different means I could come up with.

This comment has been minimized.

Sign in to view

Copy link
@nazarewk

nazarewk May 31, 2024
edited
Loading

Author Member

Reading docs of mergeOptionDecls it looks like it should not work nor be used like this.
config.system.nixos.codeName =
let
codeName = options.system.nixos.codeName.default;
renames."Vicuña" = "Vicuna";
in
renames."${codeName}" or (throw "Unknown `codeName`: ${codeName}, please add it to `renames` in `ascii-workaround.nix`");
}
1 change: 1 addition & 0 deletions modules/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{ config, lib, pkgs, inputs, self, ... }: {
imports = [
./ascii-workaround.nix
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
./nix.nix
Expand Down
1 change: 0 additions & 1 deletion modules/profile/machine/baseline/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,5 @@ in
(builtins.concatStringsSep "\n")
];
}
(lib.mkIf (lib.trivial.codeName == "Vicuña") { system.nixos.codeName = lib.mkForce "Vicuna"; })
]);
}

0 comments on commit 5a76297

Please sign in to comment.