diff options
| author | MHSanaei <ho3ein.sanaei@gmail.com> | 2026-02-01 05:12:54 +0300 |
|---|---|---|
| committer | MHSanaei <ho3ein.sanaei@gmail.com> | 2026-02-01 05:12:54 +0300 |
| commit | 9d603c5ad20503c11e6b79aa8e0203d45e835358 (patch) | |
| tree | e32f1870c42cb6c0d7e8772e3c07c48ca62a3966 /web/assets | |
| parent | a973fa6d6886b7f6af14d7848b31964c46ee151d (diff) | |
Add pinnedPeerCertSha256 support to TLS settings
Introduces the pinnedPeerCertSha256 field to TlsStreamSettings in the JS model and adds a corresponding input in the TLS settings form. This allows users to specify SHA256 fingerprints for peer certificate pinning, enhancing security configuration options.
Diffstat (limited to 'web/assets')
| -rw-r--r-- | web/assets/js/model/inbound.js | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/web/assets/js/model/inbound.js b/web/assets/js/model/inbound.js index 47f32f5c..1e3c0357 100644 --- a/web/assets/js/model/inbound.js +++ b/web/assets/js/model/inbound.js @@ -597,6 +597,7 @@ class TlsStreamSettings extends XrayCommonClass { cipherSuites = '', rejectUnknownSni = false, verifyPeerCertByName = ['dns.google', 'cloudflare-dns.com'], + pinnedPeerCertSha256 = [], disableSystemRoot = false, enableSessionResumption = false, certificates = [new TlsStreamSettings.Cert()], @@ -612,6 +613,7 @@ class TlsStreamSettings extends XrayCommonClass { this.cipherSuites = cipherSuites; this.rejectUnknownSni = rejectUnknownSni; this.verifyPeerCertByName = Array.isArray(verifyPeerCertByName) ? verifyPeerCertByName.join(",") : verifyPeerCertByName; + this.pinnedPeerCertSha256 = pinnedPeerCertSha256; this.disableSystemRoot = disableSystemRoot; this.enableSessionResumption = enableSessionResumption; this.certs = certificates; @@ -646,6 +648,7 @@ class TlsStreamSettings extends XrayCommonClass { json.cipherSuites, json.rejectUnknownSni, json.verifyPeerCertByName, + json.pinnedPeerCertSha256 || [], json.disableSystemRoot, json.enableSessionResumption, certs, @@ -664,6 +667,7 @@ class TlsStreamSettings extends XrayCommonClass { cipherSuites: this.cipherSuites, rejectUnknownSni: this.rejectUnknownSni, verifyPeerCertByName: this.verifyPeerCertByName.split(","), + pinnedPeerCertSha256: this.pinnedPeerCertSha256.length > 0 ? this.pinnedPeerCertSha256 : undefined, disableSystemRoot: this.disableSystemRoot, enableSessionResumption: this.enableSessionResumption, certificates: TlsStreamSettings.toJsonArray(this.certs), |