3x-ui/web/service
Farhad H. P. Shirvan 10ebc6cbdc
Implement CSRF protection and security hardening across the application (#4179)
* Implement CSRF protection and security hardening across the application

- Added CSRF token handling in axios requests and HTML templates.
- Introduced CSRF middleware to validate tokens for unsafe HTTP methods.
- Implemented login limiter to prevent brute-force attacks.
- Enhanced security headers in middleware for improved response security.
- Updated login notification to include safe metadata without passwords.
- Added tests for CSRF middleware and login limiter functionality.

* fix
2026-05-07 23:36:11 +02:00
config.json dokodemo-door, socks renamed to mixed, tunnel 2025-09-09 13:57:40 +02:00
custom_geo.go Add SSRF protection (#4044) 2026-04-20 00:18:20 +02:00
custom_geo_test.go Add SSRF protection (#4044) 2026-04-20 00:18:20 +02:00
inbound.go fix(vless): scope testseed to xtls-rprx-vision flow 2026-05-07 14:44:33 +02:00
nord.go feat: Add NordVPN NordLynx (WireGuard) integration (#3827) 2026-04-20 00:41:50 +02:00
outbound.go fix security issue 2026-02-09 23:36:10 +01:00
panel.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
panel_other.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
panel_test.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
panel_unix.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
port_conflict.go inbound: check transport in port conflict, allow tcp and udp on same port (#4169) 2026-05-06 11:41:21 +02:00
port_conflict_test.go inbound: check transport in port conflict, allow tcp and udp on same port (#4169) 2026-05-06 11:41:21 +02:00
server.go Exclude virtual interfaces from network stats 2026-05-06 17:28:41 +02:00
setting.go feat: add configurable auto-restart on client auto-disable 2026-05-04 23:19:25 +02:00
tgbot.go Implement CSRF protection and security hardening across the application (#4179) 2026-05-07 23:36:11 +02:00
tgbot_test.go Implement CSRF protection and security hardening across the application (#4179) 2026-05-07 23:36:11 +02:00
user.go Add Go code analyzer workflow 2026-03-17 23:01:15 +01:00
warp.go docs: add comments for all functions 2025-09-20 09:35:50 +02:00
xray.go new: vless reverse 2026-05-05 21:00:03 +02:00
xray_setting.go xray-setting: pin api routing rule to index 0 on save (#4124) 2026-04-28 17:49:39 +02:00
xray_setting_test.go xray-setting: pin api routing rule to index 0 on save (#4124) 2026-04-28 17:49:39 +02:00