fix: scope Telegram RFC2544 SSRF exception to policy opt-in (#24982) (thanks @stakeswky)

src/telegram/bot/delivery.resolve-media-retry.test.ts

@@ -92,6 +92,12 @@ async function expectTransientGetFileRetrySuccess() {
   await flushRetryTimers();
   const result = await promise;
   expect(getFile).toHaveBeenCalledTimes(2);
+  expect(fetchRemoteMedia).toHaveBeenCalledWith(
+    expect.objectContaining({
+      url: `https://api.telegram.org/file/bot${BOT_TOKEN}/voice/file_0.oga`,
+      ssrfPolicy: { allowRfc2544BenchmarkRange: true },
+    }),
+  );
   return result;
 }
 

src/telegram/bot/delivery.ts

@@ -35,6 +35,9 @@ import type { StickerMetadata, TelegramContext } from "./types.js";
 const PARSE_ERR_RE = /can't parse entities|parse entities|find end of the entity/i;
 const VOICE_FORBIDDEN_RE = /VOICE_MESSAGES_FORBIDDEN/;
 const FILE_TOO_BIG_RE = /file is too big/i;
+const TELEGRAM_MEDIA_SSRF_POLICY = {
+  allowRfc2544BenchmarkRange: true,
+} as const;
 
 export async function deliverReplies(params: {
   replies: ReplyPayload[];
@@ -320,6 +323,7 @@ export async function resolveMedia(
       fetchImpl,
       filePathHint: filePath,
       maxBytes,
+      ssrfPolicy: TELEGRAM_MEDIA_SSRF_POLICY,
     });
     const originalName = fetched.fileName ?? filePath;
     return saveMediaBuffer(fetched.buffer, fetched.contentType, "inbound", maxBytes, originalName);