GitHub/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-08 05:14:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e40554a7d53190d0b0f7d886c262685335f9aac8
3x-ui/web/service
History
MHSanaei e40554a7d5 fix(inbound): require email when adding or updating a client 
AddInboundClient and UpdateInboundClient previously accepted an
empty Email field for every protocol except shadowsocks (where
email doubles as the client ID). Empty emails break downstream
features that key off email — IP-limit logging, traffic stats,
client-online tracking, subscription remarks.

Reject empty/whitespace-only emails at the service layer so the
API surface (POST /panel/api/inbounds/addClient and
/updateClient/:id) returns a clear error instead of persisting
an unidentifiable client.

Also drop the stale `len(Email) > 0` guard in UpdateInboundClient
that became dead code once empty emails are rejected.
2026-05-13 13:45:31 +02:00
..
config.json
dokodemo-door, socks renamed to mixed, tunnel
2025-09-09 13:57:40 +02:00
custom_geo_test.go
v3
2026-05-10 02:13:42 +02:00
custom_geo.go
fix(security): SSRF-guard node and remote HTTP clients
2026-05-13 13:33:53 +02:00
inbound.go
fix(inbound): require email when adding or updating a client
2026-05-13 13:45:31 +02:00
metric_history.go
feat(panel): xray metrics dashboard with observatory probe history
2026-05-12 02:17:45 +02:00
node.go
fix(security): SSRF-guard node and remote HTTP clients
2026-05-13 13:33:53 +02:00
nord.go
feat(xray/nord): searchable server list + colored load tag, surface API errors
2026-05-11 10:06:01 +02:00
outbound.go
feat(xray/outbounds): TCP probe mode + Test All + timing breakdown
2026-05-11 04:17:23 +02:00
panel_other.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel_test.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel_unix.go
feat: add panel update functionality via web GUI (#4117)
2026-04-28 18:46:55 +02:00
panel.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
port_conflict_test.go
fix(inbounds): scope port check to node and preserve caller tag
2026-05-11 12:51:45 +02:00
port_conflict.go
fix(inbounds): scope port check to node and preserve caller tag
2026-05-11 12:51:45 +02:00
server_vlessenc_test.go
Feat: clarify VLESS encryption auth selection (#4271)
2026-05-12 11:39:28 +02:00
server.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
setting_security_test.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
setting.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
tgbot_test.go
Implement CSRF protection and security hardening across the application (#4179)
2026-05-07 23:36:11 +02:00
tgbot.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
traffic_writer_test.go
Fix: traffic writer restart freeze (#4265)
2026-05-12 11:36:05 +02:00
traffic_writer.go
Fix: traffic writer restart freeze (#4265)
2026-05-12 11:36:05 +02:00
url_safety.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
user.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
warp.go
v3
2026-05-10 02:13:42 +02:00
websocket.go
v3
2026-05-10 02:13:42 +02:00
xray_metrics.go
Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275)
2026-05-13 12:52:52 +02:00
xray_setting_test.go
xray-setting: pin api routing rule to index 0 on save (#4124)
2026-04-28 17:49:39 +02:00
xray_setting.go
v3
2026-05-10 02:13:42 +02:00
xray.go
fix(nodes): bind form-encoded posts and skip node inbounds in central xray
2026-05-10 11:32:06 +02:00