make callbackquery safe #709
Comments
|
For most uses, this kind of security doesn't really matter, since callback queries generally don't handle things that need to be secured, and in some cases the hash will be annoying for the developer more than anything since it uses up some of the 64 bytes that callback_data is allowed to consist of (in fact it seems that due to how botogram handles callback_data you're limited to only 32 bytes). Therefore if we do decide to implement this (PRs are always welcome!), it should be 100% optional. |
|
A similar subject was previously discussed by the developers. In general, what should be sent over the |
|
It would be nice to provide the user with tools to do this simply |
|
This can be safely closed, as this is not an issue anymore |
|
While callback_data is in fact checked by TG, they don't want us to rely on it (made the effort to ask @botsupport about that). Also #1844 is on the roadmap anyway, which will close this ;) |
botogram implemented a safe way to handle callback queries as you can read in the documentation (https://botogram.pietroalbini.org/docs/dev/buttons/#buttons-security)
the problem is that the callback_data is not sent by telegram, but the clients. So if a bot is admin of a group and it lets ban spamming users with buttons and the callback_data containts parameters (for example ban_user:123456789) a maliciuos client could change the parameter (for example ban_user:987654321) despite the text of the callback could be the same
The text was updated successfully, but these errors were encountered: