Abdalrahman ad81649c16 fix: strip main-panel TLS cert file paths when sending inbound to remote node (#4339) ... When the main panel creates an inbound assigned to a remote node, the wireInbound helper sends StreamSettings as-is, including certificateFile/keyFile paths that only exist on the main panel's filesystem. The remote node's Xray then fails to load them and crashes. This adds sanitizeStreamSettingsForRemote() which strips file-based cert paths before forwarding to a remote node. Inline certificate content (certificate/key) is preserved unchanged. Closes #4335		2026-05-13 14:47:09 +02:00
..
controller	fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop	2026-05-13 14:08:16 +02:00
entity	Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)	2026-05-13 12:52:52 +02:00
global	Refactor code and fix linter warnings (#3627)	2026-01-05 05:54:56 +01:00
job	Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)	2026-05-13 12:52:52 +02:00
locale	v3	2026-05-10 02:13:42 +02:00
middleware	Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)	2026-05-13 12:52:52 +02:00
network	docs: add comments for all functions	2025-09-20 09:35:50 +02:00
runtime	fix: strip main-panel TLS cert file paths when sending inbound to remote node (#4339)	2026-05-13 14:47:09 +02:00
service	fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop	2026-05-13 14:08:16 +02:00
session	Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)	2026-05-13 12:52:52 +02:00
translation	feat(panel): xray metrics dashboard with observatory probe history	2026-05-12 02:17:45 +02:00
websocket	feat(nodes): traffic-writer queue, full-mirror sync, WS event fixes	2026-05-10 16:25:23 +02:00
web.go	Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)	2026-05-13 12:52:52 +02:00