mirror of
https://github.com/nix-community/home-manager
synced 2024-11-23 03:29:45 +01:00
firefox: improve search engine disclaimer generation
Using a fixed application name in the salt for the search engine name hash can break with minor branding changes. For example, LibreWolf 127 used the application name "LibreWolf", but in version 128 it is "Firefox". The proper name can be found in about:support -> Application Basics. Because it doesn't have to be related to the product name visible in most of the browser (for example in the window title and help menus), we shouldn't rely on cfg.name for that. The application name can be read from lib/*/application.ini and we can use that if the browser was installed via Home Manager. If not, we can fall back to cfg.name.
This commit is contained in:
parent
5056a1cf0c
commit
aecd341dfe
3 changed files with 23 additions and 3 deletions
|
@ -553,6 +553,7 @@ in {
|
||||||
inherit (args) config;
|
inherit (args) config;
|
||||||
inherit lib pkgs;
|
inherit lib pkgs;
|
||||||
appName = cfg.name;
|
appName = cfg.name;
|
||||||
|
package = cfg.finalPackage;
|
||||||
modulePath = modulePath ++ [ "profiles" name "search" ];
|
modulePath = modulePath ++ [ "profiles" name "search" ];
|
||||||
profilePath = config.path;
|
profilePath = config.path;
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, lib, pkgs, appName, modulePath, profilePath }:
|
{ config, lib, pkgs, appName, package, modulePath, profilePath }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
|
@ -108,10 +108,10 @@ let
|
||||||
# a claim by Mozilla to remove this would be very anti-user, and
|
# a claim by Mozilla to remove this would be very anti-user, and
|
||||||
# is unlikely to be an issue for our use case.
|
# is unlikely to be an issue for our use case.
|
||||||
disclaimer = "By modifying this file, I agree that I am doing so "
|
disclaimer = "By modifying this file, I agree that I am doing so "
|
||||||
+ "only within ${appName} itself, using official, user-driven search "
|
+ "only within @appName@ itself, using official, user-driven search "
|
||||||
+ "engine selection processes, and in a way which does not circumvent "
|
+ "engine selection processes, and in a way which does not circumvent "
|
||||||
+ "user consent. I acknowledge that any attempt to change this file "
|
+ "user consent. I acknowledge that any attempt to change this file "
|
||||||
+ "from outside of ${appName} is a malicious act, and will be responded "
|
+ "from outside of @appName@ is a malicious act, and will be responded "
|
||||||
+ "to accordingly.";
|
+ "to accordingly.";
|
||||||
|
|
||||||
salt = if config.default != null then
|
salt = if config.default != null then
|
||||||
|
@ -124,11 +124,29 @@ let
|
||||||
else
|
else
|
||||||
null;
|
null;
|
||||||
|
|
||||||
|
appNameVariable = if package == null then
|
||||||
|
"appName=${lib.escapeShellArg appName}"
|
||||||
|
else ''
|
||||||
|
applicationIni="$(find ${lib.escapeShellArg package} -maxdepth 3 -path ${
|
||||||
|
lib.escapeShellArg package
|
||||||
|
}'/lib/*/application.ini' -print -quit)"
|
||||||
|
if test -n "$applicationIni"; then
|
||||||
|
appName="$(sed -n 's/^Name=\(.*\)$/\1/p' "$applicationIni" | head -n1)"
|
||||||
|
else
|
||||||
|
appName=${lib.escapeShellArg appName}
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
|
||||||
file = pkgs.runCommand "search.json.mozlz4" {
|
file = pkgs.runCommand "search.json.mozlz4" {
|
||||||
nativeBuildInputs = with pkgs; [ mozlz4a openssl ];
|
nativeBuildInputs = with pkgs; [ mozlz4a openssl ];
|
||||||
json = builtins.toJSON settings;
|
json = builtins.toJSON settings;
|
||||||
inherit salt privateSalt;
|
inherit salt privateSalt;
|
||||||
} ''
|
} ''
|
||||||
|
${appNameVariable}
|
||||||
|
|
||||||
|
salt=''${salt//@appName@/"$appName"}
|
||||||
|
privateSalt=''${privateSalt//@appName@/"$appName"}
|
||||||
|
|
||||||
if [[ -n $salt ]]; then
|
if [[ -n $salt ]]; then
|
||||||
export hash=$(echo -n "$salt" | openssl dgst -sha256 -binary | base64)
|
export hash=$(echo -n "$salt" | openssl dgst -sha256 -binary | base64)
|
||||||
export privateHash=$(echo -n "$privateSalt" | openssl dgst -sha256 -binary | base64)
|
export privateHash=$(echo -n "$privateSalt" | openssl dgst -sha256 -binary | base64)
|
||||||
|
|
|
@ -232,6 +232,7 @@ in {
|
||||||
inherit (args) config;
|
inherit (args) config;
|
||||||
inherit lib pkgs;
|
inherit lib pkgs;
|
||||||
appName = "Thunderbird";
|
appName = "Thunderbird";
|
||||||
|
package = cfg.package;
|
||||||
modulePath =
|
modulePath =
|
||||||
[ "programs" "thunderbird" "profiles" name "search" ];
|
[ "programs" "thunderbird" "profiles" name "search" ];
|
||||||
profilePath = name;
|
profilePath = name;
|
||||||
|
|
Loading…
Reference in a new issue