Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-03-13 11:53:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix: escape HTML characters in tgbot start command (#3883)

Browse source
This commit is contained in:
Aleksei Sidorenko 2026-03-04 13:35:24 +03:00 committed by GitHub
parent 59b695ba83
commit 96b8fe472c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
web/service/tgbot.go
View file

@ -8,6 +8,7 @@ import (
"encoding/json"
"errors"
"fmt"
"html"
"io"
"math/big"
"net"
@ -651,7 +652,7 @@ func (t *Tgbot) answerCommand(message *telego.Message, chatId int64, isAdmin boo
msg += t.I18nBot("tgbot.commands.help")
msg += t.I18nBot("tgbot.commands.pleaseChoose")
case "start":
msg += t.I18nBot("tgbot.commands.start", "Firstname=="+message.From.FirstName)
msg += t.I18nBot("tgbot.commands.start", "Firstname=="+html.EscapeString(message.From.FirstName))
if isAdmin {
msg += t.I18nBot("tgbot.commands.welcome", "Hostname=="+hostname)
}