diff options
| author | Alireza Ahmadi <alireza7@gmail.com> | 2023-12-08 18:46:44 +0300 |
|---|---|---|
| committer | Alireza Ahmadi <alireza7@gmail.com> | 2023-12-08 18:46:44 +0300 |
| commit | 549f230221d7139270efefd76ac81f37e1a747f9 (patch) | |
| tree | a685e494fc145d8b46b6fb9e6bc2fbe36291d9f5 | |
| parent | 4ee986aa718aecaad45c9eda03ff57aea0f535cf (diff) | |
optimize security in front codes #1300
| -rw-r--r-- | web/assets/js/model/xray.js | 89 | ||||
| -rw-r--r-- | web/html/xui/form/tls_settings.html | 30 | ||||
| -rw-r--r-- | web/html/xui/inbound_modal.html | 2 |
3 files changed, 21 insertions, 100 deletions
diff --git a/web/assets/js/model/xray.js b/web/assets/js/model/xray.js index d183b882..0418540a 100644 --- a/web/assets/js/model/xray.js +++ b/web/assets/js/model/xray.js @@ -8,13 +8,6 @@ const Protocols = { HTTP: 'http', }; -const VmessMethods = { - AES_128_GCM: 'aes-128-gcm', - CHACHA20_POLY1305: 'chacha20-poly1305', - AUTO: 'auto', - NONE: 'none', -}; - const SSMethods = { AES_256_GCM: 'aes-256-gcm', AES_128_GCM: 'aes-128-gcm', @@ -91,7 +84,6 @@ const SNIFFING_OPTION = { }; Object.freeze(Protocols); -Object.freeze(VmessMethods); Object.freeze(SSMethods); Object.freeze(XTLS_FLOW_CONTROL); Object.freeze(TLS_FLOW_CONTROL); @@ -422,7 +414,7 @@ class HttpStreamSettings extends XrayCommonClass { } class QuicStreamSettings extends XrayCommonClass { - constructor(security=VmessMethods.NONE, + constructor(security='none', key=RandomUtil.randomSeq(10), type='none') { super(); this.security = security; @@ -1163,95 +1155,34 @@ class Inbound extends XrayCommonClass { } canEnableTls() { - switch (this.protocol) { - case Protocols.VMESS: - case Protocols.VLESS: - case Protocols.TROJAN: - break; - default: - return false; - } - - switch (this.network) { - case "tcp": - case "ws": - case "http": - case "quic": - case "grpc": - return true; - default: - return false; - } + if(![Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false; + return ["tcp", "ws", "http", "quic", "grpc"].includes(this.network); } canEnableReality() { - switch (this.protocol) { - case Protocols.VLESS: - case Protocols.TROJAN: - break; - default: - return false; - } - switch (this.network) { - case "tcp": - case "http": - case "grpc": - return true; - default: - return false; - } + if(![Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false; + return ["tcp", "http", "grpc"].includes(this.network); } //this is used for xtls-rprx-vision canEnableTlsFlow() { if (((this.stream.security === 'tls') || (this.stream.security === 'reality')) && (this.network === "tcp")) { - switch (this.protocol) { - case Protocols.VLESS: - return true; - default: - return false; - } + return this.protocol === Protocols.VLESS; } return false; } - canSetTls() { - return this.canEnableTls(); - } - canEnableXtls() { - switch (this.protocol) { - case Protocols.VLESS: - case Protocols.TROJAN: - break; - default: - return false; - } + if(![Protocols.VLESS, Protocols.TROJAN].includes(this.protocol)) return false; return this.network === "tcp"; } canEnableStream() { - switch (this.protocol) { - case Protocols.VMESS: - case Protocols.VLESS: - case Protocols.TROJAN: - case Protocols.SHADOWSOCKS: - return true; - default: - return false; - } + return [Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(this.protocol); } canSniffing() { - switch (this.protocol) { - case Protocols.VMESS: - case Protocols.VLESS: - case Protocols.TROJAN: - case Protocols.SHADOWSOCKS: - return true; - default: - return false; - } + return [Protocols.VMESS, Protocols.VLESS, Protocols.TROJAN, Protocols.SHADOWSOCKS].includes(this.protocol); } reset() { @@ -1691,7 +1622,7 @@ class Inbound extends XrayCommonClass { toJson() { let streamSettings; - if (this.canEnableStream() || this.protocol === Protocols.TROJAN) { + if (this.canEnableStream()) { streamSettings = this.stream.toJson(); } return { diff --git a/web/html/xui/form/tls_settings.html b/web/html/xui/form/tls_settings.html index 493aef75..eb201862 100644 --- a/web/html/xui/form/tls_settings.html +++ b/web/html/xui/form/tls_settings.html @@ -1,34 +1,24 @@ {{define "form/tlsSettings"}} <!-- tls enable --> -<a-form layout="inline" v-if="inbound.canSetTls()"> +<a-form layout="inline" v-if="inbound.canEnableTls()"> <a-divider style="margin:0;"></a-divider> - <a-form-item v-if="inbound.canEnableTls()" label="TLS"> - <a-switch v-model="inbound.tls"> - </a-switch> - </a-form-item> - <a-form-item v-if="inbound.canEnableReality()"> - <span slot="label"> - Reality + <a-form-item label='{{ i18n "security" }}'> + <a-radio-group v-model="inbound.stream.security" button-style="solid"> + <a-radio-button value="none">{{ i18n "none" }}</a-radio-button> + <a-radio-button value="tls">TLS</a-radio-button> <a-tooltip> <template slot="title"> - <span>{{ i18n "pages.inbounds.realityDesc" }}</span> + <span>{{ i18n "pages.inbounds.xtlsDesc" }}</span> </template> - <a-icon type="question-circle" theme="filled"></a-icon> + <a-radio-button v-if="inbound.canEnableXtls()" value="xtls">XTLS</a-radio-button> </a-tooltip> - </span> - <a-switch v-model="inbound.reality"></a-switch> - </a-form-item> - <a-form-item v-if="inbound.canEnableXtls()"> - <span slot="label"> - XTLS <a-tooltip> <template slot="title"> - <span>{{ i18n "pages.inbounds.xtlsDesc" }}</span> + <span>{{ i18n "pages.inbounds.realityDesc" }}</span> </template> - <a-icon type="question-circle" theme="filled"></a-icon> + <a-radio-button v-if="inbound.canEnableReality()" value="reality">Reality</a-radio-button> </a-tooltip> - </span> - <a-switch v-model="inbound.xtls"></a-switch> + </a-radio-group> </a-form-item> </a-form> diff --git a/web/html/xui/inbound_modal.html b/web/html/xui/inbound_modal.html index 99cb05fe..df42225c 100644 --- a/web/html/xui/inbound_modal.html +++ b/web/html/xui/inbound_modal.html @@ -93,7 +93,7 @@ }, methods: { streamNetworkChange() { - if (!inModal.inbound.canSetTls()) { + if (!inModal.inbound.canEnableTls()) { this.inModal.inbound.stream.security = 'none'; } if (!inModal.inbound.canEnableReality()) { |