nix-prefetch-url - error: store path '<any-string>' contains illegal character '&'

[D3vil0p3r]

I'm trying to create a nix package of Burpsuite and the URL contains & character (pretty usual on URLs) and when I use nix-prefetch-url I get the following error:

nix-prefetch-url "https://portswigger.net/burp/releases/download?product=community&version=2023.10&type=linux"
error: store path '5df4akf5wxdsw3bz2ify2rl70im5j7cj-download?product=community&version=2023.10&type=linux' contains illegal character '&'

The default.nix I'm testing is the following one:

{ lib, fetchurl, stdenv, unzip }:

stdenv.mkDerivation rec {
  pname = "burpsuite-community";
  version = "2023.10";  # Replace with the actual version number
  src = fetchurl {
    url = "https://portswigger.net/burp/releases/download?product=community&version=${version}&type=linux";
    sha256 = "your_sha256_hash_here";  # You can compute this using `nix-prefetch-url`
  };

  nativeBuildInputs = [ unzip ];

  meta = with lib; {
    description = "Burp Suite Community Edition - Web vulnerability scanner";
    license = licenses.gpl2;
  };
}

[ksf]

You can pass --name to nix-prefetch-url to set the name used in the store path. Another option is to just try to build the derivation, nix will tell you the correct hash when erroring out.

Not disallowing certain characters in the store is probably a no-go, however, erroring out before downloading is certainly a good idea.

[nixos-discourse]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/illegal-character-error-trying-to-use-fetchurl/47287/2