From 0af5b24069b5afa188cc109258c3f55ce5e7e882 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 26 Oct 2021 16:36:41 +0000 Subject: [PATCH] Update content of files --- data/corefork.telegram.org/api/config.html | 2 +- .../corefork.telegram.org/bots/2-0-intro.html | 118 +++++++++--------- data/corefork.telegram.org/bots/inline.html | 71 ++++++----- .../bots/self-signed.html | 60 +++++---- data/corefork.telegram.org/cdn.html | 59 +++++---- .../constructor/fileHash.html | 18 ++- .../payments.ValidatedRequestedInfo | 2 +- .../method/upload.getWebFile | 21 +--- .../schema/end-to-end.html | 8 +- .../corefork.telegram.org/schema/mtproto.html | 4 +- .../promote.telegram.org/getting-started.html | 16 ++- 11 files changed, 193 insertions(+), 186 deletions(-) diff --git a/data/corefork.telegram.org/api/config.html b/data/corefork.telegram.org/api/config.html index b9463bebfc..9956a2847a 100644 --- a/data/corefork.telegram.org/api/config.html +++ b/data/corefork.telegram.org/api/config.html @@ -263,7 +263,7 @@ A full list of these parameters can be seen in the channel/supergroup-related suggestions can also be contained in the pending_suggestions field of the channelFull constructor, returned by channels.getFullChannel.
Here's a list of possible suggestions:

Dismissing suggestions

boolFalse#bc799737 = Bool;
diff --git a/data/corefork.telegram.org/bots/2-0-intro.html b/data/corefork.telegram.org/bots/2-0-intro.html
index 15bfad260a..6cfb3da8a2 100644
--- a/data/corefork.telegram.org/bots/2-0-intro.html
+++ b/data/corefork.telegram.org/bots/2-0-intro.html
@@ -4,11 +4,11 @@
     
     Introducing Bot API 2.0
     
-    
     
     
-    
     
 
@@ -44,114 +44,108 @@ If this is not the case, kindly check out our…">
   

 
 

-
Howdy! This text assumes that you‘re familiar with Telegram’s bot platform.
If this is not the case, kindly check out our Introduction to Bots.

+
Howdy! This text assumes that you're familiar with Telegram's bot platform.
+If this is not the case, kindly check out our Introduction to Bots.

 

-
Today we‘re introducing the biggest change to Telegram’s Bot Platform since June 2015. These new tools will help you create fluid and intuitive interfaces for your bots. And bots  are becoming a lot more capable. They can now send any type of content supported on Telegram, provide location-based services and integrate with other services deeply based on users' phone numbers.

-
If you'd like a more concise changelog, you can find one in the Bot API Manual.

-
New Inline Keyboards

-
To begin with, we're adding a new type of keyboard that is integrated directly into the message it belongs to. Inline keyboards are available for messages sent both in chat mode and inline mode.

+
Today we're introducing the biggest change to Telegram's Bot Platform since June 2015. These new tools will help you create fluid and intuitive interfaces for your bots. And bots  are becoming a lot more capable. They can now send any type of content supported on Telegram, provide location-based services and integrate with other services deeply based on users' phone numbers.

+
If you'd like a more concise changelog, you can find one in the Bot API Manual.

+
New Inline Keyboards

+
To begin with, we're adding a new type of keyboard that is integrated directly into the message it belongs to. Inline keyboards are available for messages sent both in chat mode and inline mode.

 

-  
-    
-
-  


-
-
-
+  
+    
+

 

-
-
Unlike with custom reply keyboards, pressing buttons on inline keyboards doesn't result in messages sent to the chat. Instead, inline keyboards support buttons that work behind the scenes: callback buttons, URL buttons and switch to inline buttons.

+
Unlike with custom reply keyboards, pressing buttons on inline keyboards doesn't result in messages sent to the chat. Instead, inline keyboards support buttons that work behind the scenes: callback buttons, URL buttons and switch to inline buttons.

 

 
Manual: Inline keyboards »

 

-
Callback buttons

+
Callback buttons

 
When a user presses a callback button, no messages are sent to the chat. Instead, your bot simply receives the relevant query. Upon receiving the query, your bot can display some result in a notification at the top of the chat screen or in an alert.

 

-  


+  

 

-
-
Sample bot
@music – This sample music bot uses inline callback buttons to flip pages and reload random results.

+
Sample bot
+@music – This sample music bot uses inline callback buttons to flip pages and reload random results.

 
Read on to updating messages to find out how callback buttons can get even cooler.

-
URL buttons

-
Buttons of this type have a small arrow icon to help the user understand that tapping on a URL button will open an external link. Naturally, we'll show them a confirmation alert before opening the link in the browser.

+
URL buttons

+
Buttons of this type have a small arrow icon to help the user understand that tapping on a URL button will open an external link. Naturally, we'll show them a confirmation alert before opening the link in the browser.

 

-  

+  
 

-
-
Switch to Inline buttons

-
Pressing a switch to inline button prompts the user to select a chat, opens it and inserts the bot's username into the input field. You can also pass a query that will be inserted along with the username – this way your users will immediately get some inline results they can share.

+
Switch to Inline buttons

+
Pressing a switch to inline button prompts the user to select a chat, opens it and inserts the bot's username into the input field. You can also pass a query that will be inserted along with the username – this way your users will immediately get some inline results they can share.

 

-


+

 

-
-
Sample bot
@sticker – This sticker search bot offers a ‘switch to inline’ button to teach users how to use it in inline mode. 

-
Updating Messages

-
Since inline keyboards don‘t send additional messages to the chat, it made sense to give bots a way of manipulating their existing messages, so that they don’t have to send a new message each time they need to update something. This helps reduce clutter and build more fluid interfaces.

+
Sample bot
+@sticker – This sticker search bot offers a 'switch to inline' button to teach users how to use it in inline mode. 

+
Updating Messages

+
Since inline keyboards don't send additional messages to the chat, it made sense to give bots a way of manipulating their existing messages, so that they don't have to send a new message each time they need to update something. This helps reduce clutter and build more fluid interfaces.

 

  

  
+ 
  

 

-
-
Sample bot
@music – Watch how the music bot updates its messages with search results when you press the navigation buttons.

+
Sample bot
+@music – Watch how the music bot updates its messages with search results when you press the navigation buttons.

 

 
Manual: Updating messages »

 

-
Locations and Numbers

-
Some bots need extra data from the user to work properly. For example, knowing the user‘s location helps provide more relevant geo-specific results. The user’s phone number can be very useful for integrations with other services, like banks, etc.

-
We've added an easy way for bots to ask the user for their location and phone number using special buttons. Note that both phone number and location request buttons will only work in private chats.

+
Locations and Numbers

+
Some bots need extra data from the user to work properly. For example, knowing the user's location helps provide more relevant geo-specific results. The user's phone number can be very useful for integrations with other services, like banks, etc.

+
We've added an easy way for bots to ask the user for their location and phone number using special buttons. Note that both phone number and location request buttons will only work in private chats.

 

-


+

 

-
-
When these buttons are pressed, Telegram clients will display a confirmation alert that tells the user what's about to happen.

+
When these buttons are pressed, Telegram clients will display a confirmation alert that tells the user what's about to happen.

 

 
Manual: Number and location buttons »

 

 
Inline bots can also request location data from their users. Use the /setinlinegeo command with @BotFather to enable this. Your bot will ask the user for permission to access their location whenever they send an inline request.

-
Sample bot
@foursquare – This bot will ask for permission to access the user's location, then provide geo-targeted results.

-
Inline Bots 2.0

+
Sample bot
+@foursquare – This bot will ask for permission to access the user's location, then provide geo-targeted results.

+
Inline Bots 2.0

 
Speaking of inline bots, they are also getting a major upgrade today.

-
New types of content

+
New types of content

 
Inline bots now support all types of content available in Telegram (19 in all), they are now capable of sending stickers, videos, music, locations, documents and more. 

 

-


+

 

-
-
Sample bots
@sticker – This sticker bot will accept one or more emoji and search for relevant stickers.
@music – The music bot allows users to send mp3 tracks from a database of public domain classical music.

+
Sample bots
+@sticker – This sticker bot will accept one or more emoji and search for relevant stickers.
+@music – The music bot allows users to send mp3 tracks from a database of public domain classical music.

 

 
Manual: Types of inline content »

 

-
Switching between inline mode and private chat

-
Some inline bots can benefit from an initial setup process, like connecting them to an account on an external service (e.g., YouTube). We've added an easy way of switching between the private chat with a bot and whatever chat the user wants to share inline results in.

+
Switching between inline mode and private chat

+
Some inline bots can benefit from an initial setup process, like connecting them to an account on an external service (e.g., YouTube). We've added an easy way of switching between the private chat with a bot and whatever chat the user wants to share inline results in.

 

-


+

 

-
-
You can now display a special ‘Switch to PM’ button above the inline results (or instead of them). This button will open a private chat with the bot and pass a parameter of your choosing, so that you can prompt the user for the relevant setup actions. Once done, you can use an inline keyboard with a switch_inline_query button to send the user back to the original chat. 

-
Sample bots
@youtube – Shows a ‘Sign in to YouTube’ button, then suggests personalized results.

+
You can now display a special 'Switch to PM' button above the inline results (or instead of them). This button will open a private chat with the bot and pass a parameter of your choosing, so that you can prompt the user for the relevant setup actions. Once done, you can use an inline keyboard with a switch_inline_query button to send the user back to the original chat. 

+
Sample bots
+@youtube – Shows a 'Sign in to YouTube' button, then suggests personalized results.

 

 
Manual: Switch to PM

 

-
Better inline UI

-
Since sending content via inline bots works differently from sending ordinary messages, we‘ve changed the interface a little. There’s hardly a more effective way of explaining that there‘s no need to hit ’Send':

+
Better inline UI

+
Since sending content via inline bots works differently from sending ordinary messages, we've changed the interface a little. There's hardly a more effective way of explaining that there's no need to hit 'Send':

 

-


+

 

-
-
Tapping on the cross icon once will clear the query, tapping twice will give the ‘Send’ button back to the user.

-
Group Admins

-
As a dessert, we‘re beginning to roll out tools that will allow you to create bot solutions for group admins. As the first step, we’ve added methods to remove members from groups and supergroups.

+
Tapping on the cross icon once will clear the query, tapping twice will give the 'Send' button back to the user.

+
Group Admins

+
As a dessert, we're beginning to roll out tools that will allow you to create bot solutions for group admins. As the first step, we've added methods to remove members from groups and supergroups.

 

 
Manual: Group management »

 

-
And that's about it for now. Stay tuned for more updates and subscribe to our official @Botnews channel on Telegram.

+
And that's about it for now. Stay tuned for more updates and subscribe to our official @Botnews channel on Telegram.

 

 
Read the full changelog for this update »

-

-

+
   
 
           
diff --git a/data/corefork.telegram.org/bots/inline.html b/data/corefork.telegram.org/bots/inline.html
index d4b20ad831..8914c7c5b0 100644
--- a/data/corefork.telegram.org/bots/inline.html
+++ b/data/corefork.telegram.org/bots/inline.html
@@ -44,66 +44,65 @@
 

   
 

-
 
Beyond sending commands in private messages or groups, users can interact with your bot via inline queries. If inline queries are enabled, users can call your bot by typing its username and a query in the text input field in any chat. The query is sent to your bot in an update. This way, people can request content from your bot in any of their chats, groups, or channels without sending any messages at all.

 

-    

+    
 

-
-
 
To enable this option, send the /setinline command to @BotFather and provide the placeholder text that the user will see in the input field after typing your bot’s name.

 

 
See the Bot API Manual for the relevant methods and objects.

 

-
Inline results

+
Inline results

 
Inline bots support all types of content available in Telegram (20 in all). They are capable of sending stickers, videos, music, locations, documents and more. 

 

-


+

 

-
 
Clients can display the results with vertical or horizontal scrolling, depending on the type of content:

 

-
-    
-
-
-
+

+

 

 

-
-
As soon as the user taps on an item, it's immediately sent to the recipient, and the input field is cleared.

-
Switching inline/PM modes

-
Some inline bots can benefit from an initial setup process, like connecting them to an account on an external service (e.g., YouTube). We've added an easy way of switching between the private chat with a bot and whatever chat the user wants to share inline results in.

+
As soon as the user taps on an item, it's immediately sent to the recipient, and the input field is cleared.

+
Switching inline/PM modes

+
Some inline bots can benefit from an initial setup process, like connecting them to an account on an external service (e.g., YouTube). We've added an easy way of switching between the private chat with a bot and whatever chat the user wants to share inline results in.

 

-


+

 

-
-
You can display a special ‘Switch to PM’ button above the inline results (or instead of them). This button will open a private chat with the bot and pass a parameter of your choosing, so that you can prompt the user for the relevant setup actions. Once done, you can use an inline keyboard with a switch_inline_query button to send the user back to the original chat. 

-
Sample bots
@youtube – Shows a ‘Sign in to YouTube’ button, then suggests personalized results.

+
You can display a special 'Switch to PM' button above the inline results (or instead of them). This button will open a private chat with the bot and pass a parameter of your choosing, so that you can prompt the user for the relevant setup actions. Once done, you can use an inline keyboard with a switch_inline_query button to send the user back to the original chat. 

+
Sample bots
+@youtube – Shows a 'Sign in to YouTube' button, then suggests personalized results.

 

 
Manual: Switch to PM

 

-
Location-based results

+
Location-based results

 
Inline bots can request location data from their users. Use the /setinlinegeo command with @BotFather to enable this. Your bot will ask the user for permission to access their location whenever they send an inline request.

-
Sample bot
@foursquare – This bot will ask for permission to access the user's location, then provide geo-targeted results.

-
Spreading virally

-
Messages sent with the help of your bot will show its username next to the sender's name.

+
Sample bot
+@foursquare – This bot will ask for permission to access the user's location, then provide geo-targeted results.

+
Spreading virally

+
Messages sent with the help of your bot will show its username next to the sender's name.

 

-
-    
-   
-
-
-


-
+

+

+



 
When a user taps on the bot username in the message header, the mention is automatically inserted into the input field. Entering the @ symbol in the input field brings up a list of suggestions, featuring recently used inline bots.

-
Collecting feedback

+
Collecting feedback

 
To know which of the provided results your users are sending to their chat partners, send @Botfather the /setinlinefeedback command. With this enabled, you will receive updates on the results chosen by your users.

 
Please note that this can create load issues for popular bots –  you may receive more results than actual requests due to caching (see the cache_time parameter in answerInlineQuery). For these cases, we recommend adjusting the probability setting to receive 1/10, 1/100 or 1/1000 of the results.

-
Inline bot samples

-
Here are some sample inline bots, in case you’re curious to see one in action. Try any of these:
@gif – GIF search
@vid – Video search
@pic – Yandex image search
@bing – Bing image search
@wiki – Wikipedia search
@imdb – IMDB search
@bold – Make bold, italic or fixed sys text

-
NEW
@youtube - Connect your account for personalized results
@music - Search and send classical music
@foursquare – Find and send venue addresses
@sticker – Find and send stickers based on emoji

-
+
Inline bot samples

+
Here are some sample inline bots, in case you’re curious to see one in action. Try any of these:
+@gif – GIF search
+@vid – Video search
+@pic – Yandex image search
+@bing – Bing image search
+@wiki – Wikipedia search
+@imdb – IMDB search
+@bold – Make bold, italic or fixed sys text

+
NEW
+@youtube - Connect your account for personalized results
+@music - Search and send classical music
+@foursquare – Find and send venue addresses
+@sticker – Find and send stickers based on emoji

   
 
           
diff --git a/data/corefork.telegram.org/bots/self-signed.html b/data/corefork.telegram.org/bots/self-signed.html
index 0bd9ca0f30..412559b69d 100644
--- a/data/corefork.telegram.org/bots/self-signed.html
+++ b/data/corefork.telegram.org/bots/self-signed.html
@@ -40,34 +40,41 @@
   
Using self-signed certificates

   
   
Upload your certificate using the certificate parameter in the setWebhook method. The certificate supplied should be PEM encoded (ASCII BASE64), the pem file should only contain the public key (including BEGIN and END portions). When converting from a bundle format, please split the file to only include the public key.

-
Generating a self-signed certificate pair (PEM):

-
Openssl

+
Generating a self-signed certificate pair (PEM):

+
Openssl

 

 
Windows binaries for Openssl are available online

 

-
openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE"

+
openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE"

 
YOURPUBLIC.pem has to be used as input for setting the self-signed webhook.

-
You can inspect the generated certificate with:
openssl x509 -text -noout -in YOURPUBLIC.pem

-
Converting from a previously generated DER:
openssl x509 -inform der -in YOURDER.der -out YOURPEM.pem

-
Converting from a previously generated PKCS12:
openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem

+
You can inspect the generated certificate with:
+openssl x509 -text -noout -in YOURPUBLIC.pem

+
Converting from a previously generated DER:
+openssl x509 -inform der -in YOURDER.der -out YOURPEM.pem

+
Converting from a previously generated PKCS12:
+openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem

 

-
More information: https://www.openssl.org/

+
More information: https://www.openssl.org/

 

-
Java keystore

-
Generate self-signed JKS:
keytool -genkey -keyalg RSA -alias YOURDOMAIN.EXAMPLE -keystore YOURJKS.jks -storepass YOURPASSWORD -validity 360 -keysize 2048

-
Converting JKS to pkcs12 (intermediate step for conversion to PEM):
keytool -importkeystore -srckeystore YOURJKS.jks -destkeystore YOURPKCS.p12 -srcstoretype jks -deststoretype pkcs12

-
Convert PKCS12 to PEM (requires openssl):
openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem

+
Java keystore

+
Generate self-signed JKS:
+keytool -genkey -keyalg RSA -alias YOURDOMAIN.EXAMPLE -keystore YOURJKS.jks -storepass YOURPASSWORD -validity 360 -keysize 2048

+
Converting JKS to pkcs12 (intermediate step for conversion to PEM):
+keytool -importkeystore -srckeystore YOURJKS.jks -destkeystore YOURPKCS.p12 -srcstoretype jks -deststoretype pkcs12

+
Convert PKCS12 to PEM (requires openssl):
+openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem

 

-
More information: https://docs.oracle.com

+
More information: https://docs.oracle.com

 

-
Windows

+
Windows

 
Creating a self-signed certificate using Windows native utilities is also possible, although OpenSSL binaries for Windows are available online.

-
On the commandline:
certreq -new TEMPLATE.txt RequestFileOut

+
On the commandline:
+certreq -new TEMPLATE.txt RequestFileOut

 
TEMPLATE.txt example file:

 
[NewRequest]
 
 ; At least one value must be set in this section
-Subject = "CN=DOMAIN.EXAMPLE"
+Subject = "CN=DOMAIN.EXAMPLE"
 KeyLength = 2048
 KeyAlgorithm = RSA
 HashAlgorithm = sha256
@@ -75,17 +82,22 @@ HashAlgorithm = sha256
 RequestType = Cert
 UseExistingKeySet=false ;generates a new private key (for export)
 Exportable = true ;makes the private key exportable with the PFX

-
A self-signed certificate will be generated and installed, to view the certificate:
certutil -store -user my

-
To export in DER format (intermediate step for conversion to PEM)
certutil -user -store -split my SERIALNUMBER YOURDER.crt

-
Converting to PEM (used for setting the webhook)
certutil -encode YOURDER.crt YOURPEM.cer

-
To delete a certificate from your store:
certutil -delstore -user my SERIALNUMBER (from view)

-
To export in PFX(PKCS12) format
certutil -exportpfx -user YOURDOMAIN.EXAMPLE YOURPKCS.pfx NoChain

+
A self-signed certificate will be generated and installed, to view the certificate:
+certutil -store -user my

+
To export in DER format (intermediate step for conversion to PEM)
+certutil -user -store -split my SERIALNUMBER YOURDER.crt

+
Converting to PEM (used for setting the webhook)
+certutil -encode YOURDER.crt YOURPEM.cer

+
To delete a certificate from your store:
+certutil -delstore -user my SERIALNUMBER (from view)

+
To export in PFX(PKCS12) format
+certutil -exportpfx -user YOURDOMAIN.EXAMPLE YOURPKCS.pfx NoChain

 

-
More information: https://technet.microsoft.com

+
More information: https://technet.microsoft.com

 

-
Converting YOURPKCS.pfx to PEM including the private key is best done with OpenSSL:
openssl pkcs12 -in YOURPKCS.pfx -out YOURPEM.cer

-
Remember that only the public key is needed as input for the self-signed webhook certificate parameter. certmgr.msc can also be used as a GUI to export the public part of self-signed certificates to PEM.

-

+
Converting YOURPKCS.pfx to PEM including the private key is best done with OpenSSL:
+openssl pkcs12 -in YOURPKCS.pfx -out YOURPEM.cer

+
Remember that only the public key is needed as input for the self-signed webhook certificate parameter. certmgr.msc can also be used as a GUI to export the public part of self-signed certificates to PEM.

   
 
           
diff --git a/data/corefork.telegram.org/cdn.html b/data/corefork.telegram.org/cdn.html
index 1508162cac..97b3f2108c 100644
--- a/data/corefork.telegram.org/cdn.html
+++ b/data/corefork.telegram.org/cdn.html
@@ -39,82 +39,82 @@
   

   
Encrypted CDNs for Speed and Security

   
-  
Following the launch of version 4.2 of the official apps, Telegram client apps may be required to download popular files that were published in public channels with more than 100,000 members from secondary Content Delivery Network data centers. These CDN DCs are located in regions with significant Telegram traffic where we wouldn't want to place Telegram servers for various reasons.

-
The CDN DCs are not a part of the Telegram cloud and should be considered enemy territory. For this reason, each file that is to be sent to these CDN DCs is encrypted with a unique key using AES-256-CTR encryption. The CDN can't access the data it stores because these keys are only accessible to the main MTProto server and to the authorized client.

+  
Following the launch of version 4.2 of the official apps, Telegram client apps may be required to download popular files that were published in public channels with more than 100,000 members from secondary Content Delivery Network data centers. These CDN DCs are located in regions with significant Telegram traffic where we wouldn't want to place Telegram servers for various reasons.

+
The CDN DCs are not a part of the Telegram cloud and should be considered enemy territory. For this reason, each file that is to be sent to these CDN DCs is encrypted with a unique key using AES-256-CTR encryption. The CDN can't access the data it stores because these keys are only accessible to the main MTProto server and to the authorized client.

 

 
See also: More about CDNs and governments in the Advanced FAQ

 

-
How this works

+
How this works

 
When a file from a public channel with ~100,000 members becomes popular in a particular region, the Telegram server may encrypt this file with a unique AES-256-CTR key and send it to a relevant CDN DC for storage.

 
When a file is stored in a CDN DC close to the end user, the download speed will be much higher because the data needs to travel smaller distances and will likely avoid many bottlenecks that exist between regions.

 
This is secure because CDN DCs are treated the same way as internet providers / random third parties:

 
    
-
  • CDN DCs don‘t have the keys to decrypt files that are stored there, so they can’t access the data even if a DC becomes compromised.
    • 
+
  • CDN DCs don't have the keys to decrypt files that are stored there, so they can't access the data even if a DC becomes compromised.
    • 
 
  • Encrypted files fragments are protected from tampering by their SHA-256 hash which is checked on the client upon receipt.
    • 
 
  • No private data is stored in or passed to the CDN DCs.
    • 
 
  • The server only allows media from public channels with more than 100,000 subscribers to be cached in CDN DCs (this includes media forwarded from those channels and viral media that originated from other large public channels).
    • 
 

 

-    
+    
 

-
-
CDNs are very limited when it comes to communication: the master data center only uploads encrypted files for storage and will accept no data from the CDN. The client apps only download encrypted files and accept no other updates. The client apps obtain the keys necessary to decrypt the file from the main Telegram server and verify the integrity of the file by its hash, which means that the CDN may only supply the correct file – anything different will be immediately discarded by the client.

+
CDNs are very limited when it comes to communication: the master data center only uploads encrypted files for storage and will accept no data from the CDN. The client apps only download encrypted files and accept no other updates. The client apps obtain the keys necessary to decrypt the file from the main Telegram server and verify the integrity of the file by its hash, which means that the CDN may only supply the correct file – anything different will be immediately discarded by the client.

 
CDN DCs do not store files on hard disks – only in memory. When a CDN server runs out of memory, a simple LRU algorithm is used to replace the least popular files with new ones.

-
How CDN DCs are different from the master DCs

+
How CDN DCs are different from the master DCs

 
    
 
  • CDNs may not be trusted.
    • 
 
  • Client developers can use help.getCdnConfig to obtain a list of public RSA keys for CDN DCs, which are different from public RSA keys of the master DCs.
    • 
 
  • CDNs support only the following methods: upload.getCdnFile, initConnection, invokeWithLayer.
    • 
 
  • When working with CDNs, client developers must remember that auth_key may be deleted at any given moment (resulting in a -404 error, in which case a new key must be generated).
    • 
-
  • Client apps must not accept updates from CDN DCs (apps should only accept updates from their main connection to the master DC).
    • 
+
  • Client apps must not accept updates from CDN DCs (apps should only accept updates from their main connection to the master DC).
    • 
 
  • Clients must not allow the CDN DCs to substitute replies to queries sent to other DCs.
    • 
 
  • Clients must not send private user info that is passed in initConnection to the CDNs.
    • 
 

-
Getting files from a CDN

+
Getting files from a CDN

 
The API may return the upload.fileCdnRedirect constructor after an upload.getFile query. In this case, the client must request the required file from a CDN DC. The dc_id in the response is the id of the new CDN. The IP address for the connection will be available in help.getConfig, same as with the master DCs. The corresponding dcOption will have the flag cdn:flags.3?true.

 
Once a successful connection to the CDN-dc_id is established, the client must generate an auth_key (after confirming that the public RSA MTProto key of the CDN DC matches one from the list returned in help.getCdnConfig). Then the client must perform an upload.getCdnFile for each offset. For files of an unknown size it is necessary to repeat the query until an empty reply is returned.

 
upload.getCdnFile may return the upload.cdnFileReuploadNeeded constructor. In this case, the client needs to send an upload.reuploadCdnFile request to the DC that got the original upload.getFile request. Once upload.reuploadCdnFile is successfull, the app needs to request the file from the CDN DC again.

 
The main DC for a file is the DC where its main copy is stored (not to be confused with the main DC of the user) – either userProfilePhoto.dc_id, chatPhoto.dc_id, photo.dc_id, or document.dc_id.

-
Decrypting files

+
Decrypting files

 
In upload.fileCdnRedirect, the server sends a decryption key and IV for the file (the fields encryption_key:bytes and encryption_iv:bytes respectively).

-
Having received a portion of encrypted data from the CDN DC inside upload.cdnFile, the client must decrypt this data using AES-256-CTR. For IV, it should use the value of encryption_iv, modified in the following manner: for each offset replace the last 4 bytes of the encryption_iv with offset / 16 in big-endian. This allows to effectively decrypt a file and to use random access to a file's content (e.g., for streaming).

-
Verifying files

+
Having received a portion of encrypted data from the CDN DC inside upload.cdnFile, the client must decrypt this data using AES-256-CTR. For IV, it should use the value of encryption_iv, modified in the following manner: for each offset replace the last 4 bytes of the encryption_iv with offset / 16 in big-endian. This allows to effectively decrypt a file and to use random access to a file's content (e.g., for streaming).

+
Verifying files

 
In order to confirm that the CDN DC passed an untampered file, clients must verify hashes for each downloaded part. upload.fileCdnRedirect, upload.reuploadCdnFile and upload.getCdnFileHashes contain FileHash constructors. Each of these constructors contains the SHA-256 hash of a part of the file that starts with offset and takes limit bytes.

 
Before saving each portion of the data received from the CDN DC into the file, the client must confirm that its hash matches the hash that was received from the master DC. If missing a hash for any file part, client developers must use the upload.getCdnFileHashes method to obtain the missing hash.

-
Schema

-
fileHash#6242c773 offset:int limit:int hash:bytes = FileHash;
+
Schema

+
fileHash#6242c773 offset:int limit:int hash:bytes = FileHash;
 
-upload.fileCdnRedirect#f18cda44 dc_id:int file_token:bytes encryption_key:bytes encryption_iv:bytes file_hashes:Vector<FileHash> = upload.File;
+upload.fileCdnRedirect#f18cda44 dc_id:int file_token:bytes encryption_key:bytes encryption_iv:bytes file_hashes:Vector<FileHash> = upload.File;
 
-upload.cdnFileReuploadNeeded#eea8e46e request_token:bytes = upload.CdnFile;
-upload.cdnFile#a99fca4f bytes:bytes = upload.CdnFile;
+upload.cdnFileReuploadNeeded#eea8e46e request_token:bytes = upload.CdnFile;
+upload.cdnFile#a99fca4f bytes:bytes = upload.CdnFile;
 
 
-dcOption#18b7a10d flags:# ipv6:flags.0?true media_only:flags.1?true tcpo_only:flags.2?true cdn:flags.3?true static:flags.4?true id:int ip_address:string port:int secret:flags.10?bytes = DcOption;
+dcOption#18b7a10d flags:# ipv6:flags.0?true media_only:flags.1?true tcpo_only:flags.2?true cdn:flags.3?true static:flags.4?true id:int ip_address:string port:int secret:flags.10?bytes = DcOption;
 
-cdnPublicKey#c982eaba dc_id:int public_key:string = CdnPublicKey;
+cdnPublicKey#c982eaba dc_id:int public_key:string = CdnPublicKey;
 
 
-cdnConfig#5725e40a public_keys:Vector<CdnPublicKey> = CdnConfig;
+cdnConfig#5725e40a public_keys:Vector<CdnPublicKey> = CdnConfig;
 
 ---functions---
 
 // CDN DC
-upload.getCdnFile#2000bcc3 file_token:bytes offset:int limit:int = upload.CdnFile;
+upload.getCdnFile#2000bcc3 file_token:bytes offset:int limit:int = upload.CdnFile;
 
 // Master DC
-upload.reuploadCdnFile#9b2754a8 file_token:bytes request_token:bytes = Vector<FileHash>;
-upload.getCdnFileHashes#4da54231 file_token:bytes offset:int = Vector<FileHash>;
+upload.reuploadCdnFile#9b2754a8 file_token:bytes request_token:bytes = Vector<FileHash>;
+upload.getCdnFileHashes#4da54231 file_token:bytes offset:int = Vector<FileHash>;
 
-help.getCdnConfig#52029342 = CdnConfig;

-
Restrictions on upload.getFile and upload.getCdnFile parameters

+help.getCdnConfig#52029342 = CdnConfig;

+
Restrictions on upload.getFile and upload.getCdnFile parameters

 
    
 
  • offset must be divisible by 4096 bytes
    • 
 
  • limit must be divisible by 4096 bytes
    • 
 
  • 1048576 (1MB) must be divisible by limit
    • 
-
  • offset / (1024 * 1024) == (offset + limit - 1) / (1024 * 1024)
    (file parts that are being downloaded must always be inside the same megabyte-sized fragment)
    • 
+
  • offset / (1024 * 1024) == (offset + limit - 1) / (1024 * 1024)
+(file parts that are being downloaded must always be inside the same megabyte-sized fragment)
    • 
 

-
Possible errors and their meanings

+
Possible errors and their meanings

 
@@ -133,8 +133,7 @@ help.getCdnConfig#52029342 = CdnConfig;
-

 
 

 The master DC did not accept the request_token from the CDN DC. Continue downloading the file from the master DC using upload.getFile.
 

 

-

+

   
 
           
diff --git a/data/corefork.telegram.org/constructor/fileHash.html b/data/corefork.telegram.org/constructor/fileHash.html
index d790f12d53..5c1ea7b493 100644
--- a/data/corefork.telegram.org/constructor/fileHash.html
+++ b/data/corefork.telegram.org/constructor/fileHash.html
@@ -4,10 +4,24 @@
     
     FileHash
     
-    
+    
     
     
-    
+    
     
 
     
diff --git a/data/corefork.telegram.org/constructor/payments.ValidatedRequestedInfo b/data/corefork.telegram.org/constructor/payments.ValidatedRequestedInfo
index e3e047110e..631e1cd0da 100644
--- a/data/corefork.telegram.org/constructor/payments.ValidatedRequestedInfo
+++ b/data/corefork.telegram.org/constructor/payments.ValidatedRequestedInfo
@@ -40,7 +40,7 @@
   
payments.ValidatedRequestedInfo

   
   
Validated user-provided info

-
{scheme}

+
{schema}

 
Parameters

 
diff --git a/data/corefork.telegram.org/method/upload.getWebFile b/data/corefork.telegram.org/method/upload.getWebFile
index 68067a9127..84c5cce896 100644
--- a/data/corefork.telegram.org/method/upload.getWebFile
+++ b/data/corefork.telegram.org/method/upload.getWebFile
@@ -4,20 +4,10 @@
     upload.getWebfile
-    
+    
-    
+    
@@ -107,12 +97,7 @@ location…">
 
-
-
-
-
-
-
+

 
     
     
     
     
     
 
     

 400
 LOCATION_INVALIDThe provided location is invalid
400BOT_METHOD_INVALIDThis method can't be used by a botThe provided location is invalid.
 

 
 

diff --git a/data/corefork.telegram.org/schema/end-to-end.html b/data/corefork.telegram.org/schema/end-to-end.html
index 7b144c9c8f..855759e7fd 100644
--- a/data/corefork.telegram.org/schema/end-to-end.html
+++ b/data/corefork.telegram.org/schema/end-to-end.html
@@ -44,11 +44,11 @@ End-to-end encryption in MTProto,…">
   
Current end-to-end TL-schema

   
   

-
Below you will find the current end-to-end TL-schema. More details on TL »

+
Below you will find the current end-to-end TL-schema. More details on TL »  

 

-
See also:
-End-to-end encryption in MTProto, Secret Chats
-Detailed schema in JSON

+
See also:

+End-to-end encryption in MTProto, Secret Chats

+Detailed schema in JSON  

   

   
    
     
  • 
diff --git a/data/corefork.telegram.org/schema/mtproto.html b/data/corefork.telegram.org/schema/mtproto.html
index a857a34d70..f5814d2861 100644
--- a/data/corefork.telegram.org/schema/mtproto.html
+++ b/data/corefork.telegram.org/schema/mtproto.html
@@ -43,8 +43,8 @@ int ? = Int;…">
   
    
   
    Current MTProto TL-schema
    
   
-  
    Below you will find the current MTProto TL-schema. More details on TL »
    
-
    See also the detailed schema in JSON »
    
+  
    Below you will find the current MTProto TL-schema. More details on TL »  
    
+
    See also the detailed schema in JSON »  
    
 

    
 
    int ? = Int;
 long ? = Long;
diff --git a/data/promote.telegram.org/getting-started.html b/data/promote.telegram.org/getting-started.html
index 863ec13ffc..aa7539062b 100644
--- a/data/promote.telegram.org/getting-started.html
+++ b/data/promote.telegram.org/getting-started.html
@@ -135,11 +135,15 @@
 
 
    Ad Info
    
 
    Click any of your ads on the homepage to make changes to its content and CPM, increase its budget, or see statistics. The title, text and URL of your sponsored message can be updated at any time (but not its targeting parameters) – to see a preview of how the sponsored message looks inside a channel, click ‘Preview Ad’.
    
+
    
+ 
+
    
+
 
    
 
    If you would like to change the targeting parameters, click ‘Create a similar ad’ – this opens a new template with the same content so you can quickly make a new version.
    
 
    
-
-
 
    Ad Budget
    
 
    To increase the budget of your ad, click the ‘Current Budget’ field. You can also change the CPM to be higher or lower from the ‘CPM’ field. If you need to delete your ad (perhaps to resubmit it with new targeting parameters or a lower budget) tap ‘Delete Ad’.
    
 
    
@@ -169,16 +173,16 @@
 
    Once you've added funds to your account, you will get access to Telegram's dedicated Ad Platform Support.