fix(telegram): stop auto-linking destinations in /policy show

nnemirovsky · nnemirovsky · commit 56f3500a852c · 2026-04-13T13:48:43.000+08:00
Telegram was rendering every destination string in /policy show output
as a clickable blue link (example.com, api.github.com, etc.) because
the message was sent in plain text mode and Telegram auto-detects URL
patterns.

Wrap the output in &lt;pre&gt;...&lt;/pre&gt; and send with ParseMode=HTML +
DisableWebPagePreview. Inside a preformatted block Telegram leaves URL
patterns alone, and the monospace rendering also aligns the columns
better.

- commands.go: htmlPreOpen/htmlPreClose constants, htmlEscapeText
  helper, wrap both policyShow (engine fallback) and
  policyShowFromStore in &lt;pre&gt;. Escape destination, tool, pattern,
  replacement, name, source, default verdict, and protocols.
- approval.go: sendReply path sniffs the &lt;pre&gt; prefix and switches to
  HTML parse mode with web-page preview disabled. Other replies are
  still plain text.
- Tests: TestPolicyShowEscapesHTML and a wrapping check in
  TestPolicyShowIncludesAllFields.
diff --git a/internal/telegram/approval.go b/internal/telegram/approval.go
@@ -434,6 +434,14 @@ func (tc *TelegramChannel) handleMessage(msg *tgbotapi.Message) {
 	}
 
 	reply := tgbotapi.NewMessage(tc.chatID, response)
+	// Responses that start with "<pre>" are pre-rendered HTML (see
+	// policyShow / policyShowFromStore). Send them with HTML parse mode so
+	// the block renders monospaced and Telegram does not auto-link URLs
+	// inside. All other responses are plain text.
+	if strings.HasPrefix(response, "<pre>") {
+		reply.ParseMode = tgbotapi.ModeHTML
+		reply.DisableWebPagePreview = true
+	}
 	if _, err := tc.api.Send(reply); err != nil {
 		log.Printf("telegram send error: %s", sanitizeError(err))
 	}
diff --git a/internal/telegram/commands.go b/internal/telegram/commands.go
@@ -216,8 +216,9 @@ func (h *CommandHandler) policyShow() string {
 	// Fallback to engine snapshot when store is not configured.
 	snap := h.engine.Load().Snapshot()
 	var b strings.Builder
+	b.WriteString(htmlPreOpen)
 	b.WriteString("Current policy (default: ")
-	b.WriteString(snap.Default.String())
+	b.WriteString(htmlEscapeText(snap.Default.String()))
 	b.WriteString(")\n\n")
 
 	for _, section := range []struct {
@@ -235,14 +236,14 @@ func (h *CommandHandler) policyShow() string {
 		b.WriteString(":\n")
 		for _, r := range section.rules {
 			b.WriteString("  ")
-			b.WriteString(r.Destination)
+			b.WriteString(htmlEscapeText(r.Destination))
 			if len(r.Ports) > 0 {
 				b.WriteString(" ports=")
 				b.WriteString(formatPorts(r.Ports))
 			}
 			if len(r.Protocols) > 0 {
 				b.WriteString(" protocols=")
-				b.WriteString(strings.Join(r.Protocols, ","))
+				b.WriteString(htmlEscapeText(strings.Join(r.Protocols, ",")))
 			}
 			b.WriteString("\n")
 		}
@@ -252,9 +253,32 @@ func (h *CommandHandler) policyShow() string {
 		b.WriteString("No rules configured.")
 	}
 
+	b.WriteString(htmlPreClose)
 	return b.String()
 }
 
+// htmlPreOpen and htmlPreClose wrap Telegram HTML messages in a preformatted
+// block. Using <pre> achieves two things: monospace fixed-width rendering so
+// columns line up, and disabling Telegram's URL auto-linking so destinations
+// like `api.github.com` do not render as clickable blue links.
+//
+// Callers send the resulting string with ParseMode=HTML; see the sendReply
+// path in approval.go which sniffs the <pre> prefix.
+const (
+	htmlPreOpen  = "<pre>"
+	htmlPreClose = "</pre>"
+)
+
+// htmlEscapeText escapes the three characters that Telegram's HTML parse mode
+// requires in text nodes: &, <, >. Quotes and apostrophes are left alone
+// since we don't use them in tag attributes.
+func htmlEscapeText(s string) string {
+	s = strings.ReplaceAll(s, "&", "&amp;")
+	s = strings.ReplaceAll(s, "<", "&lt;")
+	s = strings.ReplaceAll(s, ">", "&gt;")
+	return s
+}
+
 func (h *CommandHandler) policyShowFromStore() string {
 	cfg, err := h.store.GetConfig()
 	if err != nil {
@@ -271,8 +295,9 @@ func (h *CommandHandler) policyShowFromStore() string {
 	}
 
 	var b strings.Builder
+	b.WriteString(htmlPreOpen)
 	b.WriteString("Current policy (default: ")
-	b.WriteString(dv)
+	b.WriteString(htmlEscapeText(dv))
 	b.WriteString(")\n\n")
 
 	for _, section := range []struct {
@@ -302,23 +327,23 @@ func (h *CommandHandler) policyShowFromStore() string {
 			} else if r.Pattern != "" {
 				target = "pattern:" + r.Pattern
 			}
-			fmt.Fprintf(&b, "  [%d] %s", r.ID, target)
+			fmt.Fprintf(&b, "  [%d] %s", r.ID, htmlEscapeText(target))
 			if len(r.Ports) > 0 {
 				b.WriteString(" ports=")
 				b.WriteString(formatPorts(r.Ports))
 			}
 			if len(r.Protocols) > 0 {
 				b.WriteString(" protocols=")
-				b.WriteString(strings.Join(r.Protocols, ","))
+				b.WriteString(htmlEscapeText(strings.Join(r.Protocols, ",")))
 			}
 			if r.Replacement != "" {
-				fmt.Fprintf(&b, " -> %q", r.Replacement)
+				fmt.Fprintf(&b, " -> %q", htmlEscapeText(r.Replacement))
 			}
 			if r.Name != "" {
-				fmt.Fprintf(&b, " (%s)", r.Name)
+				fmt.Fprintf(&b, " (%s)", htmlEscapeText(r.Name))
 			}
 			if r.Source != "" {
-				fmt.Fprintf(&b, " [%s]", r.Source)
+				fmt.Fprintf(&b, " [%s]", htmlEscapeText(r.Source))
 			}
 			b.WriteString("\n")
 		}
@@ -328,6 +353,7 @@ func (h *CommandHandler) policyShowFromStore() string {
 		b.WriteString("No rules configured.")
 	}
 
+	b.WriteString(htmlPreClose)
 	return b.String()
 }
 
diff --git a/internal/telegram/commands_test.go b/internal/telegram/commands_test.go
@@ -483,6 +483,42 @@ func TestPolicyShowIncludesAllFields(t *testing.T) {
 			t.Errorf("policy show output missing %q\nfull output:\n%s", want, out)
 		}
 	}
+
+	// Wrap in <pre>...</pre> so the sender uses HTML parse mode, which
+	// disables Telegram's URL auto-linking for destinations like
+	// example.com.
+	if !strings.HasPrefix(out, "<pre>") || !strings.HasSuffix(out, "</pre>") {
+		t.Errorf("policy show output must be wrapped in <pre>...</pre>: %q", out)
+	}
+}
+
+func TestPolicyShowEscapesHTML(t *testing.T) {
+	s := newTestStore(t)
+	if _, err := s.AddRule("deny", store.RuleOpts{
+		Pattern: "<script>",
+		Source:  "manual",
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.AddRule("redact", store.RuleOpts{
+		Pattern:     "a&b",
+		Replacement: "<x>",
+	}); err != nil {
+		t.Fatal(err)
+	}
+
+	handler := newTestHandlerWithStore(t, s, nil, "")
+	out := handler.Handle(&Command{Name: "policy", Args: []string{"show"}})
+
+	if strings.Contains(out, "<script>") {
+		t.Errorf("raw <script> must be HTML-escaped: %s", out)
+	}
+	if !strings.Contains(out, "&lt;script&gt;") {
+		t.Errorf("expected &lt;script&gt; in output: %s", out)
+	}
+	if !strings.Contains(out, "a&amp;b") {
+		t.Errorf("expected a&amp;b in output: %s", out)
+	}
 }
 
 func TestPolicyRemoveThenRecompile(t *testing.T) {

Original file line number	Diff line number	Diff line change
`@@ -434,6 +434,14 @@ func (tc TelegramChannel) handleMessage(msg tgbotapi.Message) {`
`434`	`434`	`}`
`435`	`435`
`436`	`436`	`reply := tgbotapi.NewMessage(tc.chatID, response)`
	`437`	`+ // Responses that start with "<pre>" are pre-rendered HTML (see`
	`438`	`+ // policyShow / policyShowFromStore). Send them with HTML parse mode so`
	`439`	`+ // the block renders monospaced and Telegram does not auto-link URLs`
	`440`	`+ // inside. All other responses are plain text.`
	`441`	`+ if strings.HasPrefix(response, "<pre>") {`
	`442`	`+ reply.ParseMode = tgbotapi.ModeHTML`
	`443`	`+ reply.DisableWebPagePreview = true`
	`444`	`+ }`
`437`	`445`	`if _, err := tc.api.Send(reply); err != nil {`
`438`	`446`	`log.Printf("telegram send error: %s", sanitizeError(err))`
`439`	`447`	`}`