Commit Graph

14 Commits

Author SHA1 Message Date
Fringg
454b83138e fix: flood control handling in pinned messages and XSS hardening in HTML sanitizer
- Add retry loop with backoff to _unpin_message_for_user (max 3 attempts)
- Add TelegramRetryAfter handling in _send_and_pin_message (unpin + send phases)
- Fix missing failed_count increment when all broadcast retries exhaust (for/else)
- Remove dead code in unpin_active_pinned_message (unreachable TelegramRetryAfter catch)
- Harden sanitize_html: allowlist URI schemes (http/https/tg/mailto/tel), whitelist
  tag attributes, strip all attrs from tags without explicit whitelist, full HTML
  entity decoding via html.unescape
2026-02-12 19:13:40 +03:00
c0mrade
9a2aea038a chore: add uv package manager and ruff linter configuration
- Add pyproject.toml with uv and ruff configuration
- Pin Python version to 3.13 via .python-version
- Add Makefile commands: lint, format, fix
- Apply ruff formatting to entire codebase
- Remove unused imports (base64 in yookassa/simple_subscription)
- Update .gitignore for new config files
2026-01-24 17:45:27 +03:00
Egor
ea3033a088 Update validators.py 2025-12-22 15:11:23 +03:00
Egor
fff01d1ce3 Update validators.py 2025-11-28 06:23:55 +03:00
Egor
150f9e741a Revert "Remove blockquote markup to prevent Telegram parse errors" 2025-11-28 06:02:08 +03:00
Egor
71366a8133 Remove blockquote markup to prevent Telegram parse errors 2025-11-28 06:00:32 +03:00
Egor
9a5b0553c6 Avoid unescaping attribute entities in sanitizer 2025-11-28 02:22:39 +03:00
PEDZEO
c4b5db9002 fix(validation): sanitize names + HTML-escape only in /start 2025-09-29 02:17:19 +03:00
Egor
87af0312cb Update validators.py 2025-09-14 04:04:05 +03:00
Egor
f56679cd9f Update validators.py 2025-09-07 11:15:13 +03:00
Egor
988f9eb4eb Update validators.py 2025-09-07 08:21:14 +03:00
Egor
881963ca7b Update validators.py 2025-09-07 08:11:55 +03:00
Egor
db6733083c Update validators.py 2025-09-07 08:07:45 +03:00
Egor
736e4c6cae NEW VERSION
NEW VERSION
2025-08-20 23:57:04 +03:00