mirror/nginx-ui
1
0
Fork 0
mirror of https://github.com/0xJacky/nginx-ui.git synced 2026-06-19 07:36:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
61185c26f43ad01e4b03eefabf6d7969a0935b3d
nginx-ui/internal
T
History
Adamthereal 61185c26f4 test(middleware): add CSWSH hardening cases for CheckWebSocketOrigin (#1647) 
Locks in the v2.3.5 origin-validation fix for CVE-2026-34403 / GHSA-78mf-482w-62qj
with named regression cases for every bypass class documented in the advisory:
subdomain confusion, suffix confusion, scheme downgrade, port mismatch, default-
port normalization, ws/wss scheme equivalence, case-insensitive host, IPv6 literal,
RFC 7239 Forwarded parsing, multi-valued X-Forwarded-Host, scheme-only / malformed
origin rejection, node_secret query fallback, empty-secret regression, trailing-
slash tolerance on configured trusted origins.

17 table-driven subtests in a new file; zero production code changes; no new
dependencies.

Co-authored-by: Panguard AI <support@panguard.ai>
2026-04-22 09:33:50 +08:00
..
analytic
fix(analytic): avoid websocket keepalive race
2026-04-20 23:50:45 +08:00
backup
feat(backup): enhance backup and restore functionality with crypto secret handling
2026-04-04 14:26:34 +00:00
cache
Nginx-UI disk I/O (#1547)
2026-02-07 21:38:44 +08:00
cert
fix(cert): throttle auto-renew retries and expose renewal errors
2026-04-20 23:19:50 +08:00
cluster
perf: optimize indexer config for multi-core systems
2025-09-08 09:36:07 +08:00
cmd
perf: introduced cache for user, site_config, node
2025-08-25 18:50:44 +08:00
config
Harden config write paths
2026-04-21 22:40:50 +08:00
cron
feat: add logrotate settings validation and testing
2026-03-14 22:04:43 +08:00
crypto
Merge branch 'dev' into refactor/otp
2025-02-10 23:41:11 +09:00
dns
feat: add DELETE endpoint for DDNS configuration and implement deletion logic
2026-03-15 02:44:48 +00:00
docker
fix(docker): explicitly negotiate API version to ensure compatibility (#1543)
2026-02-06 22:45:08 +08:00
event
feat(nginx_log): add basic log_list fallback when AdvancedIndexing is disabled
2025-10-01 04:03:59 +00:00
geolite
chore: update deps
2025-11-07 18:23:23 +08:00
helper
refactor(ws): implement SafeWebSocketWriter for serialized access
2026-04-04 02:01:20 +00:00
kernel
fix(setup): harden first-run installation flow
2026-04-18 23:47:45 +08:00
license
chore: prepare v2.3.8
2026-04-21 15:15:12 +08:00
llm
feat: enhance LLM functionality with nginx configuration context and update ESLint auto-imports
2025-09-05 04:17:39 +00:00
logrotate
style(go): sort imports
2024-10-24 18:22:45 +08:00
mcp
fix(mcp): prevent panic on nil interface conversion for tool arguments (#1622)
2026-04-04 10:51:50 +08:00
middleware
test(middleware): add CSWSH hardening cases for CheckWebSocketOrigin (#1647)
2026-04-22 09:33:50 +08:00
migrate
feat: implement migration to encrypt sensitive JSON fields in database models
2026-03-16 11:34:10 +08:00
nginx
fix: preserve forwarded host for docker websocket checks
2026-04-20 23:39:22 +08:00
nginx_log
feat: enhance service initialization logic with mutex handling and return types
2026-03-16 13:59:45 +00:00
notification
refactor(notification): rename DingTalk to Dingding and update related references #1392
2025-10-17 23:24:14 +08:00
passkey
refactor: handling context in goroutines
2025-05-04 13:36:54 +00:00
performance
chore: clean up codes
2025-10-03 14:33:07 +08:00
process
feat: add pidfile parameter to support OpenRC
2025-05-08 23:09:54 +09:00
pty
feat: implement demo mode for terminal with restricted commands
2026-03-14 23:49:58 +08:00
self_check
Nginx duplicate includes (#1550)
2026-02-08 20:02:10 +08:00
site
Harden config write paths
2026-04-21 22:40:50 +08:00
sitecheck
fix(sitecheck): bound outbound connections and add global controls (#1608)
2026-04-18 16:06:06 +08:00
stream
Harden config write paths
2026-04-21 22:40:50 +08:00
system
fix(setup): harden first-run installation flow
2026-04-18 23:47:45 +08:00
template
fix(template): use path.Join and rename param to avoid Windows embed path issue (#1391)
2025-10-16 08:50:28 +08:00
translation
refactor: streamline frontend asset handling and remove compression step
2025-11-28 11:47:37 +08:00
transport
refactor(analytic): improved network stat #913
2025-03-15 10:14:21 +08:00
upgrader
refactor(ws): implement SafeWebSocketWriter for serialized access
2026-04-04 02:01:20 +00:00
upstream
fix upstream (#1637)
2026-04-15 23:26:19 +08:00
user
feat: implement short token endpoint for WebSocket authentication
2026-04-02 00:06:04 +08:00
validation
chore: update deps #946
2025-04-08 15:59:09 +08:00
version
chore: clean up codes
2025-10-03 14:33:07 +08:00