Farhad H. P. Shirvan 10ebc6cbdc Implement CSRF protection and security hardening across the application (#4179) ...

* Implement CSRF protection and security hardening across the application

- Added CSRF token handling in axios requests and HTML templates.
- Introduced CSRF middleware to validate tokens for unsafe HTTP methods.
- Implemented login limiter to prevent brute-force attacks.
- Enhanced security headers in middleware for improved response security.
- Updated login notification to include safe metadata without passwords.
- Added tests for CSRF middleware and login limiter functionality.

* fix

2026-05-07 23:36:11 +02:00

..

api.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00

base.go

docs: add comments for all functions

2025-09-20 09:35:50 +02:00

custom_geo.go

Add SSRF protection (#4044)

2026-04-20 00:18:20 +02:00

inbound.go

ws/inbounds: realtime fixes + perf for 10k+ client inbounds (#4123)

2026-05-05 17:27:49 +02:00

index.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00

login_limiter_test.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00

login_limiter.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00

server.go

feat: add panel update functionality via web GUI (#4117)

2026-04-28 18:46:55 +02:00

setting.go

ws/inbounds: realtime fixes + perf for 10k+ client inbounds (#4123)

2026-05-05 17:27:49 +02:00

util.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00

websocket.go

ws/inbounds: realtime fixes + perf for 10k+ client inbounds (#4123)

2026-05-05 17:27:49 +02:00

xray_setting.go

fix: get client reverse tag in the outbound

2026-05-06 00:50:40 +02:00

xui.go

Implement CSRF protection and security hardening across the application (#4179)

2026-05-07 23:36:11 +02:00