openclaw/src/telegram/download.ts at 29203884c2f5d4a97b86959688b2ce240203d413

mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 11:57:39 +00:00

Files

chenglun.hu d46b489e21 fix(telegram): add timeout to file download to prevent DoS (CWE-400)

Add AbortSignal.timeout() to both fetch calls in download.ts to prevent
indefinite hangs when Telegram API is slow or unresponsive.

- getTelegramFile(): 30s timeout for metadata API call
- downloadTelegramFile(): 60s timeout for file download

Both functions now accept optional timeoutMs parameter for configurability.

Fixes #6849

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-02 13:39:39 +05:30

1.7 KiB

Raw Blame History

View Raw

1.7 KiB Raw Blame History

1.7 KiB

Raw Blame History