npm - @codebam/cf-workers-telegram-bot - Versions diffs - 12.1.0 → 12.3.0 - Mend

@codebam/cf-workers-telegram-bot 12.1.0 → 12.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/telegram_bot.d.ts +4 -0
package/dist/telegram_bot.js +5 -0
package/dist/telegram_execution_context.d.ts +2 -0
package/dist/telegram_execution_context.js +22 -3
package/dist/utils.js +7 -6
package/package.json +1 -1

package/dist/telegram_bot.d.ts CHANGED Viewed

@@ -20,6 +20,10 @@ export default class TelegramBot {
     defaultCommand: string;
     /** Optional secret token for webhook verification */
     secretToken?: string;
+    /** The bot's own user ID */
+    botId: number;
+    /** TTL for self-responses */
+    ttl: number;
     /**
      *	Create a bot
      *	@param token - the telegram secret token

package/dist/telegram_bot.js CHANGED Viewed

@@ -19,6 +19,10 @@ export default class TelegramBot {
     defaultCommand = ':message';
     /** Optional secret token for webhook verification */
     secretToken;
+    /** The bot's own user ID */
+    botId;
+    /** TTL for self-responses */
+    ttl = 2;
     /**
      *	Create a bot
      *	@param token - the telegram secret token
@@ -27,6 +31,7 @@ export default class TelegramBot {
     constructor(token, options) {
         this.token = token.trim();
         this.api = new URL('https://api.telegram.org/bot' + this.token);
+        this.botId = parseInt(this.token.split(':')[0]);
         if (options?.defaultCommand) {
             this.defaultCommand = options.defaultCommand;
         }

package/dist/telegram_execution_context.d.ts CHANGED Viewed

@@ -7,6 +7,8 @@ export default class TelegramExecutionContext {
     private static businessOwners;
     /** Cache for dead business connections */
     private static poisonedConnections;
+    /** Cache for self-response counts to prevent infinite loops */
+    private static selfResponseCount;
     /** an instance of the telegram bot */
     bot: TelegramBot;
     /** an instance of the telegram update */

package/dist/telegram_execution_context.js CHANGED Viewed

@@ -5,6 +5,8 @@ export default class TelegramExecutionContext {
     static businessOwners = new Map();
     /** Cache for dead business connections */
     static poisonedConnections = new Set();
+    /** Cache for self-response counts to prevent infinite loops */
+    static selfResponseCount = new Map();
     /** an instance of the telegram bot */
     bot;
     /** an instance of the telegram update */
@@ -73,6 +75,16 @@ export default class TelegramExecutionContext {
      */
     async shouldProcess() {
         if (this.update_type !== 'business_message') {
+            if (this.userId === this.bot.botId) {
+                const chatId = this.getChatId();
+                const count = TelegramExecutionContext.selfResponseCount.get(chatId) || 0;
+                if (count < this.bot.ttl) {
+                    TelegramExecutionContext.selfResponseCount.set(chatId, count + 1);
+                    return true;
+                }
+                return false;
+            }
+            TelegramExecutionContext.selfResponseCount.delete(this.getChatId());
             return true;
         }
         const connectionId = this.update.business_message?.business_connection_id?.toString();
@@ -111,8 +123,15 @@ export default class TelegramExecutionContext {
             }
         }
         if (ownerId !== undefined && (this.getChatId() === ownerId.toString() || this.userId === ownerId)) {
+            const chatId = this.getChatId();
+            const count = TelegramExecutionContext.selfResponseCount.get(chatId) || 0;
+            if (count < this.bot.ttl) {
+                TelegramExecutionContext.selfResponseCount.set(chatId, count + 1);
+                return true;
+            }
             return false;
         }
+        TelegramExecutionContext.selfResponseCount.delete(this.getChatId());
         return true;
     }
     determineUpdateType() {
@@ -156,13 +175,13 @@ export default class TelegramExecutionContext {
      * @returns The chat ID as a string or empty string if not available
      */
     getChatId() {
-        if (this.update.message?.chat.id) {
+        if (this.update.message?.chat?.id) {
             return this.update.message.chat.id.toString();
         }
-        else if (this.update.business_message?.chat.id) {
+        else if (this.update.business_message?.chat?.id) {
             return this.update.business_message.chat.id.toString();
         }
-        else if (this.update.guest_message?.chat.id) {
+        else if (this.update.guest_message?.chat?.id) {
             return this.update.guest_message.chat.id.toString();
         }
         return '';

package/dist/utils.js CHANGED Viewed

@@ -31,17 +31,18 @@ export async function markdownToHtml(s) {
     };
     renderer.strong = ({ tokens }) => `<b>${renderer.parser.parseInline(tokens)}</b>`;
     renderer.em = ({ tokens }) => `<i>${renderer.parser.parseInline(tokens)}</i>`;
-    renderer.codespan = ({ text }) => `<code>${text}</code>`;
+    const escapeHtml = (text) => text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+    renderer.codespan = ({ text }) => `<code>${escapeHtml(text)}</code>`;
     renderer.code = ({ text, lang }) => {
-        const escapedText = text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+        const escapedText = escapeHtml(text);
         if (lang) {
             return `<pre><code class="language-${lang}">${escapedText}</code></pre>\n`;
         }
         return `<pre><code>${escapedText}</code></pre>\n`;
     };
     renderer.del = ({ tokens }) => `<s>${renderer.parser.parseInline(tokens)}</s>`;
-    renderer.link = ({ href, tokens }) => `<a href="${href}">${renderer.parser.parseInline(tokens)}</a>`;
-    renderer.image = ({ href, text }) => `<a href="${href}">${text}</a>`;
+    renderer.link = ({ href, tokens }) => `<a href="${escapeHtml(href)}">${renderer.parser.parseInline(tokens)}</a>`;
+    renderer.image = ({ href, text }) => `<a href="${escapeHtml(href)}">${escapeHtml(text)}</a>`;
     renderer.blockquote = ({ tokens }) => {
         return `<blockquote>${renderer.parser.parse(tokens)}</blockquote>\n`;
     };
@@ -60,14 +61,14 @@ export async function markdownToHtml(s) {
             }
         }
         // Escape everything else
-        return text.replace(/</g, '&lt;').replace(/>/g, '&gt;');
+        return escapeHtml(text);
     };
     renderer.text = (token) => {
         if ('tokens' in token && token.tokens) {
             return renderer.parser.parseInline(token.tokens);
         }
         // Escape standard HTML entities
-        return token.text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+        return escapeHtml(token.text);
     };
     marked.setOptions({
         gfm: true,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@codebam/cf-workers-telegram-bot",
-	"version": "12.1.0",
+	"version": "12.3.0",
 	"description": "serverless telegram bot on cf workers",
 	"main": "./dist/main.js",
 	"module": "./dist/main.js",