mirror of
https://github.com/tdlight-team/tdlight-telegram-bot-api.git
synced 2024-11-26 21:56:49 +01:00
Stats: hide sensible data (#24)
Adds the --stats-hide-sensible-data flag (Docker: $TELEGRAM_STAT_HIDE_SENSIBLE_DATA=1), removing the bot token and the webhook url from the stats endpoint.
This commit is contained in:
parent
7c642e8e41
commit
c08d466be0
@ -107,6 +107,9 @@ Allow http connection in non-local mode
|
||||
##### Flag `--max-batch-operations=<number>`
|
||||
maximum number of batch operations (default 10000)
|
||||
|
||||
##### Executable parameter `--stats-hide-sensible-data`
|
||||
Makes the stats page (if enabled) hide the bot token and the webhook url to no leak user secrets, when served publicly.
|
||||
|
||||
#### Existing Command Line Parameters
|
||||
Which are not properly documented, so they are written down here.
|
||||
|
||||
|
@ -19,6 +19,9 @@ CUSTOM_ARGS=""
|
||||
if [ -n "$TELEGRAM_STAT" ]; then
|
||||
CUSTOM_ARGS="${CUSTOM_ARGS} --http-stat-port=8082"
|
||||
fi
|
||||
if [ -n "$TELEGRAM_STAT_HIDE_SENSIBLE_DATA" ]; then
|
||||
CUSTOM_ARGS="${CUSTOM_ARGS} --stats-hide-sensible-data"
|
||||
fi
|
||||
if [ -n "$TELEGRAM_FILTER" ]; then
|
||||
CUSTOM_ARGS="${CUSTOM_ARGS} --filter=$TELEGRAM_FILTER"
|
||||
fi
|
||||
|
@ -1,5 +1,5 @@
|
||||
//
|
||||
// Copyright Aliaksei Levin (levlam@telegram.org), Arseny Smirnov (arseny30@gmail.com) 2014-2020
|
||||
// Copyright Aliaksei Levin (levlam@telegram.org), Arseny Smirnov (arseny30@gmail.com) 2014-2020, Luckydonald (tdlight-telegram-bot-api+code@luckydonald.de) 2020
|
||||
//
|
||||
// Distributed under the Boost Software License, Version 1.0. (See accompanying
|
||||
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
|
||||
@ -289,9 +289,17 @@ void ClientManager::get_stats(td::PromiseActor<td::BufferSlice> promise,
|
||||
sb << "\n";
|
||||
sb << "id\t" << bot_info.id_ << "\n";
|
||||
sb << "uptime\t" << now - bot_info.start_time_ << "\n";
|
||||
sb << "token\t" << bot_info.token_ << "\n";
|
||||
if (!parameters_->stats_hide_sensible_data_) {
|
||||
sb << "token\t" << bot_info.token_ << "\n";
|
||||
}
|
||||
sb << "username\t" << bot_info.username_ << "\n";
|
||||
sb << "webhook\t" << bot_info.webhook_ << "\n";
|
||||
if (!parameters_->stats_hide_sensible_data_) {
|
||||
sb << "webhook\t" << bot_info.webhook_ << "\n";
|
||||
} else if (bot_info.webhook_.empty()) {
|
||||
sb << "webhook disabled" << "\n";
|
||||
} else {
|
||||
sb << "webhook enabled" << "\n";
|
||||
}
|
||||
sb << "has_custom_certificate\t" << bot_info.has_webhook_certificate_ << "\n";
|
||||
sb << "head_update_id\t" << bot_info.head_update_id_ << "\n";
|
||||
sb << "tail_update_id\t" << bot_info.tail_update_id_ << "\n";
|
||||
|
@ -61,6 +61,7 @@ struct ClientParameters {
|
||||
bool no_file_limit_ = true;
|
||||
bool allow_users_ = false;
|
||||
bool allow_users_registration_ = false;
|
||||
bool stats_hide_sensible_data_ = false;
|
||||
|
||||
td::int32 api_id_ = 0;
|
||||
td::string api_hash_;
|
||||
|
@ -180,6 +180,8 @@ int main(int argc, char *argv[]) {
|
||||
options.add_option('\0', "allow-users-registration", "allow user accounts to be registered on the API",
|
||||
[&] { parameters->allow_users_registration_ = true; });
|
||||
|
||||
options.add_option('\0', "stats-hide-sensible-data", "in the stats hide sensible data like bot token and webhook url", [&] { parameters->stats_hide_sensible_data_ = true; });
|
||||
|
||||
options.add_checked_option(
|
||||
'\0', "api-id",
|
||||
"application identifier for Telegram API access, which can be obtained at https://my.telegram.org (defaults to "
|
||||
|
Loading…
Reference in New Issue
Block a user