This can cause the bot's token to be compromised
pillarion opened this issue · comments
pillarion commented
Description
// GetUpdatesChan starts and returns a channel for getting updates.
func (bot *BotAPI) GetUpdatesChan(config UpdateConfig) UpdatesChannel
...
updates, err := bot.GetUpdates(config)
if err != nil {
log.Println(err)
log.Println("Failed to get updates, retrying in 3 seconds...")
time.Sleep(time.Second * 3)
continue
}
...
The line log.Println(err)
puts the bot's token into the log. This can cause the token to be compromised.
Example log:
2023/01/26 17:15:22 Post "https://api.telegram.org/bot<full_bot_token>/getUpdates": read tcp <ip>:<port>-><ip>:<port>: read: connection reset by peer
2023/01/26 17:15:22 Failed to get updates, retrying in 3 seconds...
Affected Modules, Packages, Versions and Symbols
Module: github.com/example/module
github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1
Gaziz commented
how to fix error "read: connection reset by peer"? @pillarion