@codebam/cf-workers-telegram-bot 12.0.0 → 12.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/telegram_bot.js
CHANGED
|
@@ -160,7 +160,7 @@ export default class TelegramBot {
|
|
|
160
160
|
console.log(this.update);
|
|
161
161
|
const ctx = new TelegramExecutionContext(this, this.update);
|
|
162
162
|
this.currentContext = ctx;
|
|
163
|
-
if (!(await ctx.shouldProcess())) {
|
|
163
|
+
if (ctx.shouldProcess && !(await ctx.shouldProcess())) {
|
|
164
164
|
console.log('Skipping update processing based on context validation');
|
|
165
165
|
return new Response('ok');
|
|
166
166
|
}
|
|
@@ -110,7 +110,7 @@ export default class TelegramExecutionContext {
|
|
|
110
110
|
console.warn('Failed to fetch business connection info:', e);
|
|
111
111
|
}
|
|
112
112
|
}
|
|
113
|
-
if (ownerId !== undefined && this.getChatId() === ownerId.toString()) {
|
|
113
|
+
if (ownerId !== undefined && (this.getChatId() === ownerId.toString() || this.userId === ownerId)) {
|
|
114
114
|
return false;
|
|
115
115
|
}
|
|
116
116
|
return true;
|
|
@@ -345,6 +345,9 @@ export default class TelegramExecutionContext {
|
|
|
345
345
|
* @returns Promise with the API response
|
|
346
346
|
*/
|
|
347
347
|
async sendTyping() {
|
|
348
|
+
if (this.update_type === 'guest_message') {
|
|
349
|
+
return null;
|
|
350
|
+
}
|
|
348
351
|
const params = {
|
|
349
352
|
chat_id: this.getChatId(),
|
|
350
353
|
message_thread_id: this.getThreadId(),
|
package/dist/utils.js
CHANGED
|
@@ -31,17 +31,18 @@ export async function markdownToHtml(s) {
|
|
|
31
31
|
};
|
|
32
32
|
renderer.strong = ({ tokens }) => `<b>${renderer.parser.parseInline(tokens)}</b>`;
|
|
33
33
|
renderer.em = ({ tokens }) => `<i>${renderer.parser.parseInline(tokens)}</i>`;
|
|
34
|
-
|
|
34
|
+
const escapeHtml = (text) => text.replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>');
|
|
35
|
+
renderer.codespan = ({ text }) => `<code>${escapeHtml(text)}</code>`;
|
|
35
36
|
renderer.code = ({ text, lang }) => {
|
|
36
|
-
const escapedText = text
|
|
37
|
+
const escapedText = escapeHtml(text);
|
|
37
38
|
if (lang) {
|
|
38
39
|
return `<pre><code class="language-${lang}">${escapedText}</code></pre>\n`;
|
|
39
40
|
}
|
|
40
41
|
return `<pre><code>${escapedText}</code></pre>\n`;
|
|
41
42
|
};
|
|
42
43
|
renderer.del = ({ tokens }) => `<s>${renderer.parser.parseInline(tokens)}</s>`;
|
|
43
|
-
renderer.link = ({ href, tokens }) => `<a href="${href}">${renderer.parser.parseInline(tokens)}</a>`;
|
|
44
|
-
renderer.image = ({ href, text }) => `<a href="${href}">${text}</a>`;
|
|
44
|
+
renderer.link = ({ href, tokens }) => `<a href="${escapeHtml(href)}">${renderer.parser.parseInline(tokens)}</a>`;
|
|
45
|
+
renderer.image = ({ href, text }) => `<a href="${escapeHtml(href)}">${escapeHtml(text)}</a>`;
|
|
45
46
|
renderer.blockquote = ({ tokens }) => {
|
|
46
47
|
return `<blockquote>${renderer.parser.parse(tokens)}</blockquote>\n`;
|
|
47
48
|
};
|
|
@@ -60,14 +61,14 @@ export async function markdownToHtml(s) {
|
|
|
60
61
|
}
|
|
61
62
|
}
|
|
62
63
|
// Escape everything else
|
|
63
|
-
return text
|
|
64
|
+
return escapeHtml(text);
|
|
64
65
|
};
|
|
65
66
|
renderer.text = (token) => {
|
|
66
67
|
if ('tokens' in token && token.tokens) {
|
|
67
68
|
return renderer.parser.parseInline(token.tokens);
|
|
68
69
|
}
|
|
69
70
|
// Escape standard HTML entities
|
|
70
|
-
return token.text
|
|
71
|
+
return escapeHtml(token.text);
|
|
71
72
|
};
|
|
72
73
|
marked.setOptions({
|
|
73
74
|
gfm: true,
|