Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-06 21:24:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
3x-ui/web/controller
History
root 77d276da04 fix: add login rate limiting and prevent IP spoofing via headers 
- Add RateLimitMiddleware(10/min) to POST /login (previously unprotected)
- Use RemoteAddr instead of X-Real-IP/X-Forwarded-For in getRemoteIp() and rate limiter
- Prevents brute-force login and rate-limit bypass via spoofed headers
2026-04-25 11:43:03 +08:00
..
access_control_test.go Harden admin access for panel APIs 2026-04-06 22:12:38 +08:00
api.go style: apply gofmt formatting 2026-04-24 17:44:02 +08:00
base.go feat: add admin user management 2026-04-04 14:59:40 +08:00
inbound.go Harden admin access for panel APIs 2026-04-06 22:12:38 +08:00
index.go fix: add login rate limiting and prevent IP spoofing via headers 2026-04-25 11:43:03 +08:00
node.go fix: node config save, dbType mismatch, and dark theme support 2026-04-25 10:19:41 +08:00
server.go Refactor code and fix linter warnings (#3627) 2026-01-05 05:54:56 +01:00
setting.go Harden admin access for panel APIs 2026-04-06 22:12:38 +08:00
user.go fix(user): sync-remove inbound clients when deleting managed user 2026-04-05 03:52:41 +08:00
util.go fix: add login rate limiting and prevent IP spoofing via headers 2026-04-25 11:43:03 +08:00
websocket.go feat: Add WebSocket support for real-time updates and enhance VLESS settings (#3605) 2026-01-03 05:26:00 +01:00
xray_setting.go fix security issue 2026-02-09 23:36:10 +01:00
xui.go feat: register NodeController routes and nodes page 2026-04-24 17:08:52 +08:00