fix(security): sanitize remote IP headers and escape log viewer output

#4135
2026-06-06 04:19:34 +00:00 · 2026-05-04 16:36:33 +02:00
parent 9f96ef83ec
commit c90f8a05bf
23 changed files with 147 additions and 85 deletions
--- a/web/html/modals/inbound_modal.html
+++ b/web/html/modals/inbound_modal.html
@@ -2,7 +2,7 @@
 <a-modal id="inbound-modal" v-model="inModal.visible" :title="inModal.title" :dialog-style="{ top: '20px' }"
    @ok="inModal.ok" :confirm-loading="inModal.confirmLoading" :closable="true" :mask-closable="false"
    :class="themeSwitcher.currentTheme" :ok-text="inModal.okText" cancel-text='{{ i18n "close" }}'>
-    {{template "form/inbound"}}
+    {{template "form/inbound" .}}
 </a-modal>
 <script>
    // Make inModal globally available to ensure it works with any base path