Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-04-20 05:52:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

optimize security in front codes #1300

Browse source
This commit is contained in:
Alireza Ahmadi 2023-12-08 16:46:44 +01:00
parent 4ee986aa71
commit 549f230221
3 changed files with 24 additions and 103 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

89
web/assets/js/model/xray.js
View file

@ -8,13 +8,6 @@ const Protocols = {
HTTP: 'http',
};
const VmessMethods = {
AES_128_GCM: 'aes-128-gcm',
CHACHA20_POLY1305: 'chacha20-poly1305',
AUTO: 'auto',
NONE: 'none',
};
const SSMethods = {
AES_256_GCM: 'aes-256-gcm',
AES_128_GCM: 'aes-128-gcm',
@ -91,7 +84,6 @@ const SNIFFING_OPTION = {
};
Object.freeze(Protocols);
Object.freeze(VmessMethods);
Object.freeze(SSMethods);
Object.freeze(XTLS_FLOW_CONTROL);
Object.freeze(TLS_FLOW_CONTROL);
@ -422,7 +414,7 @@ class HttpStreamSettings extends XrayCommonClass {
}
class QuicStreamSettings extends XrayCommonClass {
constructor(security=VmessMethods.NONE,
constructor(security='none',
key=RandomUtil.randomSeq(10), type='none') {
super();
this.security = security;
@ -1163,95 +1155,34 @@ class Inbound extends XrayCommonClass {
}
canEnableTls() {
switch (this.protocol) {
case Protocols.VMESS:
case Protocols.VLESS:
case Protocols.TROJAN:
break;
default:
return false;
}
switch (this.network) {
case "tcp":
case "ws":
case "http":
case "quic":
case "grpc":
return true;
default:
return false;
}
if(![Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false;
return ["tcp", "ws", "http", "quic", "grpc"].includes(this.network);
}
canEnableReality() {
switch (this.protocol) {
case Protocols.VLESS:
case Protocols.TROJAN:
break;
default:
return false;
}
switch (this.network) {
case "tcp":
case "http":
case "grpc":
return true;
default:
return false;
}
if(![Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false;
return ["tcp", "http", "grpc"].includes(this.network);
}
//this is used for xtls-rprx-vision
canEnableTlsFlow() {
if (((this.stream.security === 'tls') || (this.stream.security === 'reality')) && (this.network === "tcp")) {
switch (this.protocol) {
case Protocols.VLESS:
return true;
default:
return false;
}
return this.protocol === Protocols.VLESS;
}
return false;
}
canSetTls() {
return this.canEnableTls();
}
canEnableXtls() {
switch (this.protocol) {
case Protocols.VLESS:
case Protocols.TROJAN:
break;
default:
return false;
}
if(![Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false;
return this.network === "tcp";
}
canEnableStream() {
switch (this.protocol) {
case Protocols.VMESS:
case Protocols.VLESS:
case Protocols.TROJAN:
case Protocols.SHADOWSOCKS:
return true;
default:
return false;
}
return [Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(this.protocol);
}
canSniffing() {
switch (this.protocol) {
case Protocols.VMESS:
case Protocols.VLESS:
case Protocols.TROJAN:
case Protocols.SHADOWSOCKS:
return true;
default:
return false;
}
return [Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(this.protocol);
}
reset() {
@ -1691,7 +1622,7 @@ class Inbound extends XrayCommonClass {
toJson() {
let streamSettings;
if (this.canEnableStream() || this.protocol === Protocols.TROJAN) {
if (this.canEnableStream()) {
streamSettings = this.stream.toJson();
}
return {

36
web/html/xui/form/tls_settings.html
View file

@ -1,34 +1,24 @@
{{define "form/tlsSettings"}}
<!-- tls enable -->
<a-form layout="inline" v-if="inbound.canSetTls()">
<a-form layout="inline" v-if="inbound.canEnableTls()">
<a-divider style="margin:0;"></a-divider>
<a-form-item v-if="inbound.canEnableTls()" label="TLS">
<a-switch v-model="inbound.tls">
</a-switch>
</a-form-item>
<a-form-item v-if="inbound.canEnableReality()">
<span slot="label">
Reality
<a-tooltip>
<template slot="title">
<span>{{ i18n "pages.inbounds.realityDesc" }}</span>
</template>
<a-icon type="question-circle" theme="filled"></a-icon>
</a-tooltip>
</span>
<a-switch v-model="inbound.reality"></a-switch>
</a-form-item>
<a-form-item v-if="inbound.canEnableXtls()">
<span slot="label">
XTLS
<a-form-item label='{{ i18n "security" }}'>
<a-radio-group v-model="inbound.stream.security" button-style="solid">
<a-radio-button value="none">{{ i18n "none" }}</a-radio-button>
<a-radio-button value="tls">TLS</a-radio-button>
<a-tooltip>
<template slot="title">
<span>{{ i18n "pages.inbounds.xtlsDesc" }}</span>
</template>
<a-icon type="question-circle" theme="filled"></a-icon>
<a-radio-button v-if="inbound.canEnableXtls()" value="xtls">XTLS</a-radio-button>
</a-tooltip>
</span>
<a-switch v-model="inbound.xtls"></a-switch>
<a-tooltip>
<template slot="title">
<span>{{ i18n "pages.inbounds.realityDesc" }}</span>
</template>
<a-radio-button v-if="inbound.canEnableReality()" value="reality">Reality</a-radio-button>
</a-tooltip>
</a-radio-group>
</a-form-item>
</a-form>

2
web/html/xui/inbound_modal.html
View file

@ -93,7 +93,7 @@
},
methods: {
streamNetworkChange() {
if (!inModal.inbound.canSetTls()) {
if (!inModal.inbound.canEnableTls()) {
this.inModal.inbound.stream.security = 'none';
}
if (!inModal.inbound.canEnableReality()) {