mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-07-13 08:06:06 +00:00
fix: Add base-path meta tag for Cloudflare Rocket Loader compatibility
When Cloudflare Rocket Loader is enabled, it interferes with inline scripts that set window.X_UI_BASE_PATH, causing the frontend to fail to configure the correct base URL for API calls. This results in 404 errors on the login page when calling /getTwoFactorEnable. Solution: Add meta name='base-path' tag to HTML (similar to csrf-token), update axios initialization to read from meta tag as fallback. Meta tags are not affected by CSP or Rocket Loader delays. Fixes #4393
This commit is contained in:
@@ -56,6 +56,7 @@ func serveDistPage(c *gin.Context, name string) {
|
||||
csrfToken = ""
|
||||
}
|
||||
csrfMeta := []byte(`<meta name="csrf-token" content="` + htmlpkg.EscapeString(csrfToken) + `">`)
|
||||
basePathMeta := []byte(`<meta name="base-path" content="` + htmlpkg.EscapeString(basePath) + `">`)
|
||||
|
||||
nonceAttr := ""
|
||||
if nonce := c.GetString("csp_nonce"); nonce != "" {
|
||||
@@ -69,6 +70,7 @@ func serveDistPage(c *gin.Context, name string) {
|
||||
script += `;</script>`
|
||||
inject := []byte(script)
|
||||
inject = append(inject, csrfMeta...)
|
||||
inject = append(inject, basePathMeta...)
|
||||
inject = append(inject, []byte(`</head>`)...)
|
||||
out := bytes.Replace(body, []byte("</head>"), inject, 1)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user