← Back to PRs

#19942: feat(telegram): configurable SSRF policy for media fetch

by onewesong open 2026-02-18 09:53 View on GitHub →
docs channel: telegram size: S
Closes #19934 ## What Adds config knobs for Telegram media download SSRF behavior (without source patching): - `channels.telegram.mediaFetch.allowPrivateNetwork` - `channels.telegram.mediaFetch.urlAllowlist` These options are applied only to Telegram media fetch path (`resolveMedia -> fetchRemoteMedia`), so operators can allow proxied/internal routing for `api.telegram.org` while keeping default SSRF protections elsewhere. ## Why Some deployments intentionally resolve `api.telegram.org` via internal proxy/private IP. Previously media fetch failed with `SsrFBlockedError` and there was no config-level override for this channel path. ## Changes - Config types/schema: - `src/config/types.telegram.ts` - `src/config/zod-schema.providers-core.ts` - `src/config/schema.help.ts` - `src/config/schema.labels.ts` - Telegram media path: - `src/telegram/bot-handlers.ts` (build SSRF policy from config) - `src/telegram/bot/delivery.ts` (forward policy to `fetchRemoteMedia`) - Tests: - `src/telegram/bot/delivery.resolve-media-retry.test.ts` (assert SSRF policy forwarding) - Docs: - `docs/channels/telegram.md` ## Validation Ran: - `pnpm test:fast src/telegram/bot/delivery.resolve-media-retry.test.ts src/media/fetch.test.ts` <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds two new config knobs under `channels.telegram.mediaFetch` to control SSRF behavior for Telegram media downloads: `allowPrivateNetwork` (permits media URLs resolving to private/internal IPs) and `urlAllowlist` (restricts media fetches to specific hostnames with wildcard support). These options are scoped exclusively to the Telegram media fetch path, leaving default SSRF protections intact for all other operations. - Config plumbing: new `TelegramMediaFetchConfig` type, matching zod schema with `.strict()`, labels, and help text - Runtime wiring: `bot-handlers.ts` builds an `SsrFPolicy` from the config and passes it through `resolveMedia()` → `fetchRemoteMedia()` → `fetchWithSsrFGuard()` → `resolvePinnedHostnameWithPolicy()` - Test: verifies SSRF policy is correctly forwarded from `resolveMedia` to `fetchRemoteMedia` - Docs: updated Telegram channel docs with new config keys <h3>Confidence Score: 5/5</h3> - This PR is safe to merge — it adds well-scoped, opt-in config knobs with correct plumbing and test coverage. - All changes are additive and opt-in. The new config fields default to the existing strict SSRF behavior (allowPrivateNetwork defaults to false, empty urlAllowlist means no restriction). The implementation correctly maps config values to the existing SsrFPolicy type and threads the policy through the established fetch guard infrastructure. Type definitions, zod schema, labels, help text, and docs are all consistent. The new test verifies the parameter forwarding. - No files require special attention. <sub>Last reviewed commit: 48a0f90</sub> <!-- greptile_other_comments_section --> <sub>(2/5) Greptile learns from your feedback when you react with thumbs up/down!</sub> <!-- /greptile_comment -->

Most Similar PRs