Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-06 21:24:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
3x-ui/web/controller
History
MHSanaei 32966c1257
feat(inbounds): native fallbacks on VLESS/Trojan TCP-TLS, with working child links 
A VLESS or Trojan inbound on TCP with TLS or Reality can now act as a
fallback master: pick existing inbounds as children and the panel auto-
fills the SNI / ALPN / path / xver routing fields from each child's
transport, auto-builds settings.fallbacks at config-gen time, and
rewrites the child's client-share link so it advertises the master's
reachable endpoint and TLS state instead of the child's loopback listen.

Layout matches the Xray All-in-One Nginx example: master at :443 with
clients + TLS, each child on 127.0.0.1 with its own transport+clients.
Order matters (Xray walks fallbacks top-to-bottom) — reorder via the
per-row up/down arrows. Path / SNI / ALPN are exposed under a per-row
Edit toggle for the rare cases where the auto-derivation needs
overriding; otherwise just pick a child and you're done.

Backend: new InboundFallback table + FallbackService (GetByMaster /
SetByMaster / GetParentForChild / BuildFallbacksJSON); two routes
(GET / POST /panel/api/inbounds/:id/fallbacks); xray.GetXrayConfig
injects settings.fallbacks for any VLESS/Trojan TCP-TLS/Reality
inbound; GetInbounds annotates each child with FallbackParent so the
frontend can rewrite links without an extra round-trip.

Link projection covers every emission path — clients-page QR/links,
per-inbound Get URL, raw subscription, sub-JSON, sub-Clash, and the
inbounds-page link/info/QR — via a shared projectThroughFallbackMaster
on the backend and a shared projectChildThroughMaster on the frontend
that both handle the panel-tracked relationship and the legacy
unix-socket (@vless-ws) convention.

Strings translated into all 12 non-English locales.
2026-05-19 01:45:57 +02:00
..
api.go chore: apply modernize analyzer fixes across codebase 2026-05-18 12:24:52 +02:00
api_docs_test.go refactor(clients): switch client API endpoints from id to email 2026-05-17 16:41:48 +02:00
base.go v3 2026-05-10 02:13:42 +02:00
client.go fix(nodes): route per-client ops through node clients API + orphan sweep 2026-05-17 23:29:29 +02:00
custom_geo.go v3 2026-05-10 02:13:42 +02:00
dist.go fix: Add base-path meta tag for Cloudflare Rocket Loader compatibility 2026-05-14 23:37:25 +02:00
inbound.go feat(inbounds): native fallbacks on VLESS/Trojan TCP-TLS, with working child links 2026-05-19 01:45:57 +02:00
index.go fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop 2026-05-13 14:08:16 +02:00
login_limiter.go Implement CSRF protection and security hardening across the application (#4179) 2026-05-07 23:36:11 +02:00
login_limiter_test.go refactor(websocket): split controller into service + thin controller 2026-05-08 00:00:44 +02:00
node.go refactor(server): move cached state and helpers into ServerService 2026-05-17 18:17:50 +02:00
server.go refactor(server): move cached state and helpers into ServerService 2026-05-17 18:17:50 +02:00
setting.go feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 2026-05-13 16:34:31 +02:00
util.go chore: apply modernize analyzer fixes across codebase 2026-05-18 12:24:52 +02:00
util_test.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
websocket.go v3 2026-05-10 02:13:42 +02:00
xray_setting.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
xui.go feat(clients): add top-level Clients tab and CRUD API 2026-05-17 07:28:55 +02:00