diff --git a/package-lock.json b/package-lock.json
index a7d36255..c8065473 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -146,8 +146,7 @@
"array-uniq": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz",
- "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY=",
- "dev": true
+ "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY="
},
"arrify": {
"version": "1.0.1",
@@ -1028,11 +1027,49 @@
}
}
},
+ "dom-serializer": {
+ "version": "0.1.0",
+ "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-0.1.0.tgz",
+ "integrity": "sha1-BzxpdUbOB4DOI75KKOKT5AvDDII=",
+ "requires": {
+ "domelementtype": "1.1.3",
+ "entities": "1.1.1"
+ },
+ "dependencies": {
+ "domelementtype": {
+ "version": "1.1.3",
+ "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-1.1.3.tgz",
+ "integrity": "sha1-vSh3PiZCiBrsUVRJJCmcXNgiGFs="
+ }
+ }
+ },
"domain-browser": {
"version": "1.1.7",
"resolved": "https://registry.npmjs.org/domain-browser/-/domain-browser-1.1.7.tgz",
"integrity": "sha1-hnqksJP6oF8d4IwG9NeyH9+GmLw="
},
+ "domelementtype": {
+ "version": "1.3.0",
+ "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-1.3.0.tgz",
+ "integrity": "sha1-sXrtguirWeUt2cGbF1bg/BhyBMI="
+ },
+ "domhandler": {
+ "version": "2.4.1",
+ "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-2.4.1.tgz",
+ "integrity": "sha1-iS5HAAqZvlW783dP/qBWHYh5wlk=",
+ "requires": {
+ "domelementtype": "1.3.0"
+ }
+ },
+ "domutils": {
+ "version": "1.6.2",
+ "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.6.2.tgz",
+ "integrity": "sha1-GVjMC0yUJuntNn+xyOhUiRsPo/8=",
+ "requires": {
+ "dom-serializer": "0.1.0",
+ "domelementtype": "1.3.0"
+ }
+ },
"duplexer2": {
"version": "0.0.2",
"resolved": "https://registry.npmjs.org/duplexer2/-/duplexer2-0.0.2.tgz",
@@ -1082,6 +1119,11 @@
"minimalistic-crypto-utils": "1.0.1"
}
},
+ "entities": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/entities/-/entities-1.1.1.tgz",
+ "integrity": "sha1-blwtClYhtdra7O+AuQ7ftc13cvA="
+ },
"error-ex": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.1.tgz",
@@ -1148,9 +1190,9 @@
}
},
"escape-html": {
- "version": "1.0.1",
- "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.1.tgz",
- "integrity": "sha1-GBoobq05ejmpKFfPsdQwUuNWv/A="
+ "version": "1.0.3",
+ "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
+ "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
},
"escape-string-regexp": {
"version": "1.0.5",
@@ -1501,6 +1543,11 @@
"ms": "0.7.1"
}
},
+ "escape-html": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.1.tgz",
+ "integrity": "sha1-GBoobq05ejmpKFfPsdQwUuNWv/A="
+ },
"ms": {
"version": "0.7.1",
"resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz",
@@ -1608,6 +1655,11 @@
"ms": "0.7.1"
}
},
+ "escape-html": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.1.tgz",
+ "integrity": "sha1-GBoobq05ejmpKFfPsdQwUuNWv/A="
+ },
"ms": {
"version": "0.7.1",
"resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz",
@@ -1899,6 +1951,48 @@
"resolved": "https://registry.npmjs.org/htmlescape/-/htmlescape-1.1.1.tgz",
"integrity": "sha1-OgPtwiFLyjtmQko+eVk0lQnLA1E="
},
+ "htmlparser2": {
+ "version": "3.9.2",
+ "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.9.2.tgz",
+ "integrity": "sha1-G9+HrMoPP55T+k/M6w9LTLsAszg=",
+ "requires": {
+ "domelementtype": "1.3.0",
+ "domhandler": "2.4.1",
+ "domutils": "1.6.2",
+ "entities": "1.1.1",
+ "inherits": "2.0.3",
+ "readable-stream": "2.3.3"
+ },
+ "dependencies": {
+ "isarray": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+ "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
+ },
+ "readable-stream": {
+ "version": "2.3.3",
+ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.3.tgz",
+ "integrity": "sha512-m+qzzcn7KUxEmd1gMbchF+Y2eIUbieUaxkWtptyHywrX0rE8QEYqPC07Vuy4Wm32/xE16NcdBctb8S0Xe/5IeQ==",
+ "requires": {
+ "core-util-is": "1.0.2",
+ "inherits": "2.0.3",
+ "isarray": "1.0.0",
+ "process-nextick-args": "1.0.7",
+ "safe-buffer": "5.1.1",
+ "string_decoder": "1.0.3",
+ "util-deprecate": "1.0.2"
+ }
+ },
+ "string_decoder": {
+ "version": "1.0.3",
+ "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
+ "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
+ "requires": {
+ "safe-buffer": "5.1.1"
+ }
+ }
+ }
+ },
"http-browserify": {
"version": "1.7.0",
"resolved": "https://registry.npmjs.org/http-browserify/-/http-browserify-1.7.0.tgz",
@@ -2340,17 +2434,37 @@
"resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.4.tgz",
"integrity": "sha1-3MHXVS4VCgZABzupyzHXDwMpUOc="
},
+ "lodash.clonedeep": {
+ "version": "4.5.0",
+ "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz",
+ "integrity": "sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8="
+ },
"lodash.cond": {
"version": "4.5.2",
"resolved": "https://registry.npmjs.org/lodash.cond/-/lodash.cond-4.5.2.tgz",
"integrity": "sha1-9HGh2khr5g9quVXRcRVSPdHSVdU=",
"dev": true
},
+ "lodash.escaperegexp": {
+ "version": "4.1.2",
+ "resolved": "https://registry.npmjs.org/lodash.escaperegexp/-/lodash.escaperegexp-4.1.2.tgz",
+ "integrity": "sha1-ZHYsSGGAglGKw99Mz11YhtriA0c="
+ },
+ "lodash.isarray": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/lodash.isarray/-/lodash.isarray-4.0.0.tgz",
+ "integrity": "sha1-KspJayjEym1yZxUxNZDALm6jRAM="
+ },
"lodash.memoize": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-3.0.4.tgz",
"integrity": "sha1-LcvSwofLwKVcxCMovQxzYVDVPj8="
},
+ "lodash.mergewith": {
+ "version": "4.6.0",
+ "resolved": "https://registry.npmjs.org/lodash.mergewith/-/lodash.mergewith-4.6.0.tgz",
+ "integrity": "sha1-FQzwoWeR9ZA7iJHqsVRgknS96lU="
+ },
"loose-envify": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.3.1.tgz",
@@ -2377,6 +2491,11 @@
"es5-ext": "0.10.35"
}
},
+ "marked": {
+ "version": "0.3.6",
+ "resolved": "https://registry.npmjs.org/marked/-/marked-0.3.6.tgz",
+ "integrity": "sha1-ssbGGPzOzk74bE/Gy4p8v1rtqNc="
+ },
"matrix-appservice": {
"version": "0.3.4",
"resolved": "https://registry.npmjs.org/matrix-appservice/-/matrix-appservice-0.3.4.tgz",
@@ -2796,6 +2915,11 @@
"validate-npm-package-license": "3.0.1"
}
},
+ "number-is-nan": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
+ "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
+ },
"oauth-sign": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.6.0.tgz",
@@ -3023,6 +3147,31 @@
"integrity": "sha512-ARhBOdzS3e41FbkW/XWrTEtukqqLoK5+Z/4UeDaLuSW+39JPeFgs4gCGqsrJHVZX0fUrx//4OF0K1CUGwlIFow==",
"dev": true
},
+ "postcss": {
+ "version": "6.0.14",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-6.0.14.tgz",
+ "integrity": "sha512-NJ1z0f+1offCgadPhz+DvGm5Mkci+mmV5BqD13S992o0Xk9eElxUfPPF+t2ksH5R/17gz4xVK8KWocUQ5o3Rog==",
+ "requires": {
+ "chalk": "2.3.0",
+ "source-map": "0.6.1",
+ "supports-color": "4.5.0"
+ },
+ "dependencies": {
+ "source-map": {
+ "version": "0.6.1",
+ "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+ "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g=="
+ },
+ "supports-color": {
+ "version": "4.5.0",
+ "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-4.5.0.tgz",
+ "integrity": "sha1-vnoN5ITexcXN34s9WRJQRJEvY1s=",
+ "requires": {
+ "has-flag": "2.0.0"
+ }
+ }
+ }
+ },
"prelude-ls": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz",
@@ -3042,8 +3191,7 @@
"process-nextick-args": {
"version": "1.0.7",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz",
- "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=",
- "dev": true
+ "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M="
},
"progress": {
"version": "2.0.0",
@@ -3554,6 +3702,21 @@
"resolved": "https://registry.npmjs.org/sanctuary-type-identifiers/-/sanctuary-type-identifiers-2.0.1.tgz",
"integrity": "sha1-/FJM9t2Szr/LsN2VCe/xkxWaIO0="
},
+ "sanitize-html": {
+ "version": "1.16.1",
+ "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-1.16.1.tgz",
+ "integrity": "sha512-w3++cRkD2krVl8Zn70l7OcrF+zQc6lF0EVzCrcyFA3LR3AofZb2AuC3HRWyyNq225kSvl5K7IxSpQMkTQ+bHkw==",
+ "requires": {
+ "htmlparser2": "3.9.2",
+ "lodash.clonedeep": "4.5.0",
+ "lodash.escaperegexp": "4.1.2",
+ "lodash.isarray": "4.0.0",
+ "lodash.mergewith": "4.6.0",
+ "postcss": "6.0.14",
+ "srcset": "1.0.0",
+ "xtend": "4.0.1"
+ }
+ },
"semver": {
"version": "5.4.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-5.4.1.tgz",
@@ -3585,6 +3748,11 @@
"ms": "0.7.1"
}
},
+ "escape-html": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.1.tgz",
+ "integrity": "sha1-GBoobq05ejmpKFfPsdQwUuNWv/A="
+ },
"ms": {
"version": "0.7.1",
"resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz",
@@ -3601,6 +3769,13 @@
"parseurl": "1.3.2",
"send": "0.12.3",
"utils-merge": "1.0.0"
+ },
+ "dependencies": {
+ "escape-html": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.1.tgz",
+ "integrity": "sha1-GBoobq05ejmpKFfPsdQwUuNWv/A="
+ }
}
},
"sha.js": {
@@ -3698,6 +3873,15 @@
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
"integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw="
},
+ "srcset": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/srcset/-/srcset-1.0.0.tgz",
+ "integrity": "sha1-pWad4StC87HV6D7QPHEEb8SPQe8=",
+ "requires": {
+ "array-uniq": "1.0.3",
+ "number-is-nan": "1.0.1"
+ }
+ },
"sshpk": {
"version": "1.13.1",
"resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.13.1.tgz",
@@ -4103,8 +4287,7 @@
"util-deprecate": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
- "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=",
- "dev": true
+ "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8="
},
"utils-merge": {
"version": "1.0.0",
diff --git a/package.json b/package.json
index 79ffa724..8d62f59c 100644
--- a/package.json
+++ b/package.json
@@ -11,11 +11,14 @@
},
"dependencies": {
"colors": "1.1.x",
- "commander": "2.11.x",
+ "commander": "2.12.x",
+ "escape-html": "1.0.x",
+ "marked": "0.3.x",
"matrix-appservice-bridge": "1.x.x",
"matrix-js-sdk": "0.x.x",
"md5": "2.2.x",
- "string-similarity": "^1.2.0",
+ "sanitize-html": "1.16.x",
+ "string-similarity": "1.2.x",
"telegram-mtproto": "3.x.x",
"yamljs": "0.3.x"
},
diff --git a/src/app.js b/src/app.js
index 1517e647..d5fc64bc 100644
--- a/src/app.js
+++ b/src/app.js
@@ -14,6 +14,9 @@
// You should have received a copy of the GNU General Public License
// along with this program. If not, see .
const { Bridge } = require("matrix-appservice-bridge")
+const escapeHTML = require("escape-html")
+const sanitizeHTML = require("sanitize-html")
+const marked = require("marked")
const commands = require("./commands")
const MatrixUser = require("./matrix-user")
const TelegramUser = require("./telegram-user")
@@ -335,9 +338,22 @@ class MautrixTelegram {
.split(" ")
const command = args.shift()
commands.run(user, command, args,
- reply => this.botIntent.sendText(
- evt.room_id,
- reply.replace("$cmdprefix", cmdprefix)),
+ (reply, { allowHTML = false, markdown = true } = {}) => {
+ reply = reply.replace("$cmdprefix", cmdprefix)
+ if (!allowHTML) {
+ reply = escapeHTML(reply)
+ }
+ if (markdown) {
+ reply = marked(reply)
+ }
+ this.botIntent.sendMessage(
+ evt.room_id, {
+ body: sanitizeHTML(reply),
+ formatted_body: reply,
+ msgtype: "m.notice",
+ format: "org.matrix.custom.html",
+ })
+ },
this)
return
}
diff --git a/src/commands.js b/src/commands.js
index d08fe4fd..52a9cfdd 100644
--- a/src/commands.js
+++ b/src/commands.js
@@ -14,6 +14,7 @@
// You should have received a copy of the GNU General Public License
// along with this program. If not, see .
const makePasswordHash = require("telegram-mtproto").plugins.makePasswordHash
+const escapeHTML = require("escape-html")
const commands = {}
@@ -46,14 +47,16 @@ function run(sender, command, args, reply, app) {
commands.cancel = () => "Nothing to cancel."
commands.help = (sender, args, reply) => {
- reply(`All commands are prefixed with $cmdprefix.
+ reply(`All commands are prefixed with **$cmdprefix**.
-help - Show this help message.
-cancel - Cancel an ongoing action (such as login).
-login - Request an authentication code.
-logout - Log out from Telegram.
+**help** - Show this help message.
+**cancel** - Cancel an ongoing action (such as login).
-api - Call a Telegram API method. Args is always a JSON object. Disabled by default.`)
+**login** <_phone_> - Request an authentication code.
+**logout** - Log out from Telegram. Currently broken.
+
+**api** <_method_> <_args_> - Call a Telegram API method. Args is always a JSON object. Disabled by default.
+`, {allowHTML: true})
}