3x-ui/service at 10ebc6cbdce4d97bf652c1bac435b296cb221cb5 - 3x-ui - Gitea: Git with a cup of tea

dan9i10/3x-ui

mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-05-08 14:36:13 +00:00

Files

History

Farhad H. P. Shirvan 10ebc6cbdc Implement CSRF protection and security hardening across the application (#4179 )

* Implement CSRF protection and security hardening across the application

- Added CSRF token handling in axios requests and HTML templates.
- Introduced CSRF middleware to validate tokens for unsafe HTTP methods.
- Implemented login limiter to prevent brute-force attacks.
- Enhanced security headers in middleware for improved response security.
- Updated login notification to include safe metadata without passwords.
- Added tests for CSRF middleware and login limiter functionality.

* fix

2026-05-07 23:36:11 +02:00

..

config.json

dokodemo-door, socks renamed to mixed, tunnel

2025-09-09 13:57:40 +02:00

custom_geo_test.go

Add SSRF protection (#4044 )

2026-04-20 00:18:20 +02:00

custom_geo.go

Add SSRF protection (#4044 )

2026-04-20 00:18:20 +02:00

inbound.go

fix(vless): scope testseed to xtls-rprx-vision flow

2026-05-07 14:44:33 +02:00

nord.go

feat: Add NordVPN NordLynx (WireGuard) integration (#3827 )

2026-04-20 00:41:50 +02:00

outbound.go

fix security issue

2026-02-09 23:36:10 +01:00

panel_other.go

feat: add panel update functionality via web GUI (#4117 )

2026-04-28 18:46:55 +02:00

panel_test.go

feat: add panel update functionality via web GUI (#4117 )

2026-04-28 18:46:55 +02:00

panel_unix.go

feat: add panel update functionality via web GUI (#4117 )

2026-04-28 18:46:55 +02:00

panel.go

feat: add panel update functionality via web GUI (#4117 )

2026-04-28 18:46:55 +02:00

port_conflict_test.go

inbound: check transport in port conflict, allow tcp and udp on same port (#4169 )

2026-05-06 11:41:21 +02:00

port_conflict.go

inbound: check transport in port conflict, allow tcp and udp on same port (#4169 )

2026-05-06 11:41:21 +02:00

server.go

Exclude virtual interfaces from network stats

2026-05-06 17:28:41 +02:00

setting.go

feat: add configurable auto-restart on client auto-disable

2026-05-04 23:19:25 +02:00

tgbot_test.go

Implement CSRF protection and security hardening across the application (#4179 )

2026-05-07 23:36:11 +02:00

tgbot.go

Implement CSRF protection and security hardening across the application (#4179 )

2026-05-07 23:36:11 +02:00

user.go

Add Go code analyzer workflow

2026-03-17 23:01:15 +01:00

warp.go

docs: add comments for all functions

2025-09-20 09:35:50 +02:00

xray_setting_test.go

xray-setting: pin api routing rule to index 0 on save (#4124 )

2026-04-28 17:49:39 +02:00

xray_setting.go

xray-setting: pin api routing rule to index 0 on save (#4124 )

2026-04-28 17:49:39 +02:00

xray.go

new: vless reverse

2026-05-05 21:00:03 +02:00