3x-ui

mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-07 13:44:24 +00:00

History

MHSanaei 91ee295199 Add SSRF protection for custom geo downloads Introduce SSRF-safe HTTP transport for custom geo operations by adding ssrfSafeTransport and isBlockedIP helpers. The transport resolves hosts and blocks loopback, private, link-local and unspecified addresses, returning ErrCustomGeoSSRFBlocked on violations. Update probeCustomGeoURLWithGET, probeCustomGeoURL and downloadToPathOnce to use the safe transport. Also add the new error ErrCustomGeoSSRFBlocked and necessary imports. Minor whitespace/formatting adjustments in subClashService.go, web/entity/entity.go and web/service/setting.go.		2026-04-19 23:20:37 +02:00
..
default.json	dokodemo-door, socks renamed to mixed, tunnel	2025-09-09 13:57:40 +02:00
sub.go	feat add clash yaml convert (#3916 )	2026-04-19 22:26:13 +02:00
subClashService.go	Add SSRF protection for custom geo downloads	2026-04-19 23:20:37 +02:00
subController.go	feat add clash yaml convert (#3916 )	2026-04-19 22:26:13 +02:00
subJsonService.go	Remove allowInsecure	2026-02-11 18:21:23 +01:00
subService.go	feat add clash yaml convert (#3916 )	2026-04-19 22:26:13 +02:00