feat: 远程订阅支持 insecure 不验证服务器证书

feat: Surge 支持 Shadowsocks 2022(为了兼容 必须使用 `includeUnsupportedProxy` 参数或开启 `包含官方/商店版不支持的协议` 开关)

.github/workflows/main.yml

@@ -21,11 +21,11 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v3
         with:
-          node-version: "16"
+          node-version: "20"
       - name: Install dependencies
         run: |
           npm install -g pnpm
-          cd backend && pnpm i
+          cd backend && pnpm i --no-frozen-lockfile
       - name: Test
         run: |
           cd backend
@@ -37,7 +37,6 @@ jobs:
       - name: Bundle
         run: |
           cd backend
-          pnpm i -D estrella
           pnpm run bundle
       - id: tag
         name: Generate release tag
@@ -45,14 +44,20 @@ jobs:
           cd backend
           SUBSTORE_RELEASE=`node --eval="process.stdout.write(require('./package.json').version)"`
           echo "release_tag=$SUBSTORE_RELEASE" >> $GITHUB_OUTPUT
+      - name: Prepare release
+        run: |
+          cd backend
+          pnpm i -D conventional-changelog-cli
+          pnpm run changelog
       - name: Release
         uses: softprops/action-gh-release@v1
         if: ${{ success() }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
+          body_path: ./backend/CHANGELOG.md
           tag_name: ${{ steps.tag.outputs.release_tag }}
-          generate_release_notes: true
+          # generate_release_notes: true
           files: |
             ./backend/sub-store.min.js
             ./backend/dist/sub-store-0.min.js
@@ -60,6 +65,17 @@ jobs:
             ./backend/dist/sub-store-parser.loon.min.js
             ./backend/dist/cron-sync-artifacts.min.js
             ./backend/dist/sub-store.bundle.js
+      - name: Git push assets to "release" branch
+        run: |
+          cd backend/dist || exit 1
+          git init
+          git config --local user.name "github-actions[bot]"
+          git config --local user.email "github-actions[bot]@users.noreply.github.com"
+          git checkout -b release
+          git add .
+          git commit -m "release: ${{ steps.tag.outputs.release_tag }}"
+          git remote add origin "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}"
+          git push -f -u origin release
       - name: Sync to GitLab
         env:
           GITLAB_PIPELINE_TOKEN: ${{ secrets.GITLAB_PIPELINE_TOKEN }}

.gitmodules

@@ -1,3 +0,0 @@
-[submodule "web"]
-	path = web
-	url = https://github.com/sub-store-org/Sub-Store-Front-End.git

README.md

@@ -1,19 +1,19 @@
 <div align="center">
 <br>
-<img width="200" src="https://raw.githubusercontent.com/58xinian/icon/master/Sub-Store1.png" alt="Sub-Store">
+<img width="200" src="https://raw.githubusercontent.com/cc63/ICON/main/Sub-Store.png" alt="Sub-Store">
 <br>
 <br>
 <h2 align="center">Sub-Store<h2>
 </div>
 
 <p align="center" color="#6a737d">
-Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.
+Advanced Subscription Manager for QX, Loon, Surge, Stash and Shadowrocket.
 </p>
 
-[![Build](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml/badge.svg)](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml) ![GitHub](https://img.shields.io/github/license/sub-store-org/Sub-Store) ![GitHub issues](https://img.shields.io/github/issues/sub-store-org/Sub-Store) ![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed-raw/Peng-Ym/Sub-Store) ![Lines of code](https://img.shields.io/tokei/lines/github/sub-store-org/Sub-Store) ![Size](https://img.shields.io/github/languages/code-size/sub-store-org/Sub-Store) 
-
+[![Build](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml/badge.svg)](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml) ![GitHub](https://img.shields.io/github/license/sub-store-org/Sub-Store) ![GitHub issues](https://img.shields.io/github/issues/sub-store-org/Sub-Store) ![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed-raw/Peng-Ym/Sub-Store) ![Lines of code](https://img.shields.io/tokei/lines/github/sub-store-org/Sub-Store) ![Size](https://img.shields.io/github/languages/code-size/sub-store-org/Sub-Store)
+<a href="https://trendshift.io/repositories/4572" target="_blank"><img src="https://trendshift.io/api/badge/repositories/4572" alt="sub-store-org%2FSub-Store | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 [!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/PengYM)
-   
+
 Core functionalities:
 
 1. Conversion among various formats.
@@ -21,36 +21,39 @@ Core functionalities:
 3. Collect multiple subscriptions in one URL.
 
 > The following descriptions of features may not be updated in real-time. Please refer to the actual available features for accurate information.
-   
+
 ## 1. Subscription Conversion
 
 ### Supported Input Formats
 
-- [x] SS URI
-- [x] SSR URI
-- [x] SSD URI
-- [x] V2RayN URI
-- [x] Hysteria2 URI
-- [x] QX (SS, SSR, VMess, Trojan, HTTP)
-- [x] Loon (SS, SSR, VMess, Trojan, HTTP, WireGuard, VLESS, Hysteria2)
-- [x] Surge (SS, VMess, Trojan, HTTP, TUIC, Snell, Hysteria2, SSR(external, only for macOS), WireGuard(Surge to Surge))
-- [x] ShadowRocket (SS, SSR, VMess, Trojan, HTTP, Snell, VLESS, Hysteria2)
-- [x] Clash.Meta (SS, SSR, VMess, Trojan, HTTP, Snell, VLESS, WireGuard, Hysteria, Hysteria2)
-- [x] Stash (SS, SSR, VMess, Trojan, HTTP, Snell, VLESS, WireGuard, Hysteria)
-- [x] Clash (SS, SSR, VMess, Trojan, HTTP, Snell, VLESS, WireGuard)
+> ⚠️ Do not use `Shadowrocket` to export URI and then import it as input. It is not a standard URI.
+
+- [x] URI(SS, SSR, VMess, VLESS, Trojan, Hysteria, Hysteria 2, TUIC v5, WireGuard)
+- [x] Clash Proxies YAML
+- [x] Clash Proxy JSON(single line)
+- [x] QX (SS, SSR, VMess, Trojan, HTTP, SOCKS5, VLESS)
+- [x] Loon (SS, SSR, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard, VLESS, Hysteria 2)
+- [x] Surge (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, TUIC, Snell, Hysteria 2, SSH(Password authentication only), External Proxy Program(only for macOS), WireGuard(Surge to Surge))
+- [x] Surfboard (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard(Surfboard to Surfboard))
+- [x] Clash.Meta (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC)
+- [x] Stash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, TUIC, Juicity, SSH)
+- [x] Clash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard)
 
 ### Supported Target Platforms
 
-- [x] QX
-- [x] Loon
-- [x] Surge
+- [x] Plain JSON
 - [x] Stash
-- [x] Clash.Meta
+- [x] Clash.Meta(mihomo)
 - [x] Clash
-- [x] ShadowRocket
+- [x] Surfboard
+- [x] Surge
+- [x] SurgeMac(Use mihomo to support protocols that are not supported by Surge itself)
+- [x] Loon
+- [x] Shadowrocket
+- [x] QX
+- [x] sing-box
 - [x] V2Ray
 - [x] V2Ray URI
-- [x] Plain JSON
 
 ## 2. Subscription Formatting
 
@@ -81,15 +84,25 @@ Install `pnpm`
 Go to `backend` directories, install node dependencies:
 
 ```
-pnpm install
+pnpm i
 ```
 
 1. In `backend`, run the backend server on http://localhost:3000
 
+babel(old school)
+
 ```
 pnpm start
 ```
 
+or
+
+esbuild(experimental)
+
+```
+SUB_STORE_BACKEND_API_PORT=3000 pnpm run --parallel "/^dev:.*/"
+```
+
 ## LICENSE
 
 This project is under the GPL V3 LICENSE.
@@ -100,7 +113,6 @@ This project is under the GPL V3 LICENSE.
 
 [![Star History Chart](https://api.star-history.com/svg?repos=sub-store-org/sub-store&type=Date)](https://star-history.com/#sub-store-org/sub-store&Date)
 
-
 ## Acknowledgements
 
 - Special thanks to @KOP-XIAO for his awesome resource-parser. Please give a [star](https://github.com/KOP-XIAO/QuantumultX) for his great work!

backend/bundle-esbuild.js

@@ -0,0 +1,77 @@
+#!/usr/bin/env node
+const fs = require('fs');
+const path = require('path');
+const { build } = require('esbuild');
+
+!(async () => {
+    const version = JSON.parse(
+        fs.readFileSync(path.join(__dirname, 'package.json'), 'utf-8'),
+    ).version.trim();
+
+    const artifacts = [
+        { src: 'src/main.js', dest: 'sub-store.min.js' },
+        {
+            src: 'src/products/resource-parser.loon.js',
+            dest: 'dist/sub-store-parser.loon.min.js',
+        },
+        {
+            src: 'src/products/cron-sync-artifacts.js',
+            dest: 'dist/cron-sync-artifacts.min.js',
+        },
+        { src: 'src/products/sub-store-0.js', dest: 'dist/sub-store-0.min.js' },
+        { src: 'src/products/sub-store-1.js', dest: 'dist/sub-store-1.min.js' },
+    ];
+
+    for await (const artifact of artifacts) {
+        await build({
+            entryPoints: [artifact.src],
+            bundle: true,
+            minify: true,
+            sourcemap: false,
+            platform: 'browser',
+            format: 'iife',
+            outfile: artifact.dest,
+        });
+    }
+
+    let content = fs.readFileSync(path.join(__dirname, 'sub-store.min.js'), {
+        encoding: 'utf8',
+    });
+    content = content.replace(
+        /eval\(('|")(require\(('|").*?('|")\))('|")\)/g,
+        '$2',
+    );
+    fs.writeFileSync(
+        path.join(__dirname, 'dist/sub-store.no-bundle.js'),
+        content,
+        {
+            encoding: 'utf8',
+        },
+    );
+
+    await build({
+        entryPoints: ['dist/sub-store.no-bundle.js'],
+        bundle: true,
+        minify: true,
+        sourcemap: false,
+        platform: 'node',
+        format: 'cjs',
+        outfile: 'dist/sub-store.bundle.js',
+    });
+    fs.writeFileSync(
+        path.join(__dirname, 'dist/sub-store.bundle.js'),
+        `// SUB_STORE_BACKEND_VERSION: ${version}
+${fs.readFileSync(path.join(__dirname, 'dist/sub-store.bundle.js'), {
+    encoding: 'utf8',
+})}`,
+        {
+            encoding: 'utf8',
+        },
+    );
+})()
+    .catch((e) => {
+        console.log(e);
+    })
+    .finally(() => {
+        console.log('done');
+    });

backend/bundle.js

@@ -3,23 +3,49 @@ const fs = require('fs');
 const path = require('path');
 const { build } = require('esbuild');
 
-let content = fs.readFileSync(path.join(__dirname, 'sub-store.min.js'), {
-    encoding: 'utf8',
-});
-content = content.replace(
-    /eval\(('|")(require\(('|").*?('|")\))('|")\)/g,
-    '$2',
-);
-fs.writeFileSync(path.join(__dirname, 'dist/sub-store.no-bundle.js'), content, {
-    encoding: 'utf8',
-});
+!(async () => {
+    const version = JSON.parse(
+        fs.readFileSync(path.join(__dirname, 'package.json'), 'utf-8'),
+    ).version.trim();
 
-build({
-    entryPoints: ['dist/sub-store.no-bundle.js'],
-    bundle: true,
-    minify: true,
-    sourcemap: true,
-    platform: 'node',
-    format: 'cjs',
-    outfile: 'dist/sub-store.bundle.js',
-});
+    let content = fs.readFileSync(path.join(__dirname, 'sub-store.min.js'), {
+        encoding: 'utf8',
+    });
+    content = content.replace(
+        /eval\(('|")(require\(('|").*?('|")\))('|")\)/g,
+        '$2',
+    );
+    fs.writeFileSync(
+        path.join(__dirname, 'dist/sub-store.no-bundle.js'),
+        content,
+        {
+            encoding: 'utf8',
+        },
+    );
+
+    await build({
+        entryPoints: ['dist/sub-store.no-bundle.js'],
+        bundle: true,
+        minify: true,
+        sourcemap: true,
+        platform: 'node',
+        format: 'cjs',
+        outfile: 'dist/sub-store.bundle.js',
+    });
+    fs.writeFileSync(
+        path.join(__dirname, 'dist/sub-store.bundle.js'),
+        `// SUB_STORE_BACKEND_VERSION: ${version}
+${fs.readFileSync(path.join(__dirname, 'dist/sub-store.bundle.js'), {
+    encoding: 'utf8',
+})}`,
+        {
+            encoding: 'utf8',
+        },
+    );
+})()
+    .catch((e) => {
+        console.log(e);
+    })
+    .finally(() => {
+        console.log('done');
+    });

backend/dev-esbuild.js

@@ -0,0 +1,24 @@
+#!/usr/bin/env node
+const { build } = require('esbuild');
+
+!(async () => {
+    const artifacts = [{ src: 'src/main.js', dest: 'sub-store.min.js' }];
+
+    for await (const artifact of artifacts) {
+        await build({
+            entryPoints: [artifact.src],
+            bundle: true,
+            minify: false,
+            sourcemap: false,
+            platform: 'node',
+            format: 'cjs',
+            outfile: artifact.dest,
+        });
+    }
+})()
+    .catch((e) => {
+        console.log(e);
+    })
+    .finally(() => {
+        console.log('done');
+    });

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sub-store",
-  "version": "2.14.132",
+  "version": "2.14.406",
   "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.",
   "main": "src/main.js",
   "scripts": {
@@ -8,18 +8,27 @@
     "test": "gulp peggy && npx cross-env BABEL_ENV=test mocha src/test/**/*.spec.js --require @babel/register --recursive",
     "serve": "node sub-store.min.js",
     "start": "nodemon -w src -w package.json --exec babel-node src/main.js",
+    "dev:esbuild": "nodemon -w src -w package.json dev-esbuild.js",
+    "dev:run": "nodemon -w sub-store.min.js sub-store.min.js",
     "build": "gulp",
-    "bundle": "node bundle.js"
+    "bundle": "node bundle.js",
+    "changelog": "conventional-changelog -p cli -i CHANGELOG.md -s"
   },
   "author": "Peng-YM",
   "license": "GPL-3.0",
   "dependencies": {
+    "@maxmind/geoip2-node": "^5.0.0",
     "automerge": "1.0.1-preview.7",
     "body-parser": "^1.19.0",
+    "buffer": "^6.0.3",
     "connect-history-api-fallback": "^2.0.0",
+    "cron": "^3.1.6",
+    "dns-packet": "^5.6.1",
     "express": "^4.17.1",
     "http-proxy-middleware": "^2.0.6",
+    "ip-address": "^9.0.5",
     "js-base64": "^3.7.2",
+    "jsrsasign": "^11.1.0",
     "lodash": "^4.17.21",
     "request": "^2.88.2",
     "requests": "^0.3.0",

backend/pnpm-lock.yaml

@@ -5,24 +5,42 @@ settings:
   excludeLinksFromLockfile: false
 
 dependencies:
+  '@maxmind/geoip2-node':
+    specifier: ^5.0.0
+    version: registry.npmmirror.com/@maxmind/geoip2-node@5.0.0
   automerge:
     specifier: 1.0.1-preview.7
     version: registry.npmmirror.com/automerge@1.0.1-preview.7
   body-parser:
     specifier: ^1.19.0
     version: registry.npmmirror.com/body-parser@1.19.0
+  buffer:
+    specifier: ^6.0.3
+    version: registry.npmmirror.com/buffer@6.0.3
   connect-history-api-fallback:
     specifier: ^2.0.0
     version: registry.npmmirror.com/connect-history-api-fallback@2.0.0
+  cron:
+    specifier: ^3.1.6
+    version: registry.npmmirror.com/cron@3.1.6
+  dns-packet:
+    specifier: ^5.6.1
+    version: registry.npmmirror.com/dns-packet@5.6.1
   express:
     specifier: ^4.17.1
     version: registry.npmmirror.com/express@4.17.1
   http-proxy-middleware:
     specifier: ^2.0.6
     version: registry.npmmirror.com/http-proxy-middleware@2.0.6
+  ip-address:
+    specifier: ^9.0.5
+    version: registry.npmmirror.com/ip-address@9.0.5
   js-base64:
     specifier: ^3.7.2
     version: registry.npmmirror.com/js-base64@3.7.2
+  jsrsasign:
+    specifier: ^11.1.0
+    version: registry.npmmirror.com/jsrsasign@11.1.0
   lodash:
     specifier: ^4.17.21
     version: registry.npmmirror.com/lodash@4.17.21
@@ -162,11 +180,6 @@ packages:
     dev: true
     optional: true
 
-  /source-map@0.6.1:
-    resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==}
-    engines: {node: '>=0.10.0'}
-    dev: true
-
   registry.npmmirror.com/@ampproject/remapping@2.2.0:
     resolution: {integrity: sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@ampproject/remapping/-/remapping-2.2.0.tgz}
     name: '@ampproject/remapping'
@@ -1969,6 +1982,21 @@ packages:
       '@jridgewell/sourcemap-codec': registry.npmmirror.com/@jridgewell/sourcemap-codec@1.4.13
     dev: true
 
+  registry.npmmirror.com/@leichtgewicht/ip-codec@2.0.5:
+    resolution: {integrity: sha512-Vo+PSpZG2/fmgmiNzYK9qWRh8h/CHrwD0mo1h1DzL4yzHNSfWYujGTYsWGreD000gcgmZ7K4Ys6Tx9TxtsKdDw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.5.tgz}
+    name: '@leichtgewicht/ip-codec'
+    version: 2.0.5
+    dev: false
+
+  registry.npmmirror.com/@maxmind/geoip2-node@5.0.0:
+    resolution: {integrity: sha512-ki+q5//oU4tZ3BAhegZJcB5czoZyic5JSTEKbrUAQB/BzAoAiGyLW0immEmQvVVyy2SMlvBTJ3zqyRj8K9BbwQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@maxmind/geoip2-node/-/geoip2-node-5.0.0.tgz}
+    name: '@maxmind/geoip2-node'
+    version: 5.0.0
+    dependencies:
+      ip6addr: registry.npmmirror.com/ip6addr@0.2.5
+      maxmind: registry.npmmirror.com/maxmind@4.3.19
+    dev: false
+
   registry.npmmirror.com/@sindresorhus/is@0.14.0:
     resolution: {integrity: sha512-9NET910DNaIPngYnLLPeg+Ogzqsi9uM4mSboU5y6p8S5DzMTVEsJZrawi+BoDNUVBa2DhJqQYUFvMDfgU062LQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@sindresorhus/is/-/is-0.14.0.tgz}
     name: '@sindresorhus/is'
@@ -2056,6 +2084,12 @@ packages:
       '@types/node': registry.npmmirror.com/@types/node@17.0.35
     dev: true
 
+  registry.npmmirror.com/@types/luxon@3.3.8:
+    resolution: {integrity: sha512-jYvz8UMLDgy3a5SkGJne8H7VA7zPV2Lwohjx0V8V31+SqAjNmurWMkk9cQhfvlcnXWudBpK9xPM1n4rljOcHYQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@types/luxon/-/luxon-3.3.8.tgz}
+    name: '@types/luxon'
+    version: 3.3.8
+    dev: false
+
   registry.npmmirror.com/@types/minimatch@3.0.5:
     resolution: {integrity: sha512-Klz949h02Gz2uZCMGwDUSDS1YBlTdDDgbWHi+81l29tQALUtvz4rAYi5uoVhE5Lagoq6DeqAUlbrHvW/mXDgdQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@types/minimatch/-/minimatch-3.0.5.tgz}
     name: '@types/minimatch'
@@ -2688,7 +2722,6 @@ packages:
     resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/base64-js/-/base64-js-1.5.1.tgz}
     name: base64-js
     version: 1.5.1
-    dev: true
 
   registry.npmmirror.com/base@0.11.2:
     resolution: {integrity: sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/base/-/base-0.11.2.tgz}
@@ -3059,6 +3092,15 @@ packages:
       ieee754: registry.npmmirror.com/ieee754@1.2.1
     dev: true
 
+  registry.npmmirror.com/buffer@6.0.3:
+    resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/buffer/-/buffer-6.0.3.tgz}
+    name: buffer
+    version: 6.0.3
+    dependencies:
+      base64-js: registry.npmmirror.com/base64-js@1.5.1
+      ieee754: registry.npmmirror.com/ieee754@1.2.1
+    dev: false
+
   registry.npmmirror.com/builtin-status-codes@3.0.0:
     resolution: {integrity: sha512-HpGFw18DgFWlncDfjTa2rcQ4W88O1mC8e8yZ2AvQY5KDaktSTwo+KRf6nHK6FRI5FyRyb/5T6+TSxfP7QyGsmQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz}
     name: builtin-status-codes
@@ -3696,6 +3738,15 @@ packages:
       sha.js: registry.npmmirror.com/sha.js@2.4.11
     dev: true
 
+  registry.npmmirror.com/cron@3.1.6:
+    resolution: {integrity: sha512-cvFiQCeVzsA+QPM6fhjBtlKGij7tLLISnTSvFxVdnFGLdz+ZdXN37kNe0i2gefmdD17XuZA6n2uPVwzl4FxW/w==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/cron/-/cron-3.1.6.tgz}
+    name: cron
+    version: 3.1.6
+    dependencies:
+      '@types/luxon': registry.npmmirror.com/@types/luxon@3.3.8
+      luxon: registry.npmmirror.com/luxon@3.4.4
+    dev: false
+
   registry.npmmirror.com/cross-spawn@7.0.3:
     resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/cross-spawn/-/cross-spawn-7.0.3.tgz}
     name: cross-spawn
@@ -4019,6 +4070,15 @@ packages:
       randombytes: registry.npmmirror.com/randombytes@2.1.0
     dev: true
 
+  registry.npmmirror.com/dns-packet@5.6.1:
+    resolution: {integrity: sha512-l4gcSouhcgIKRvyy99RNVOgxXiicE+2jZoNmaNmZ6JXiGajBOJAesk1OBlJuM5k2c+eudGdLxDqXuPCKIj6kpw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/dns-packet/-/dns-packet-5.6.1.tgz}
+    name: dns-packet
+    version: 5.6.1
+    engines: {node: '>=6'}
+    dependencies:
+      '@leichtgewicht/ip-codec': registry.npmmirror.com/@leichtgewicht/ip-codec@2.0.5
+    dev: false
+
   registry.npmmirror.com/doctrine@3.0.0:
     resolution: {integrity: sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/doctrine/-/doctrine-3.0.0.tgz}
     name: doctrine
@@ -5846,7 +5906,6 @@ packages:
     resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ieee754/-/ieee754-1.2.1.tgz}
     name: ieee754
     version: 1.2.1
-    dev: true
 
   registry.npmmirror.com/ignore-by-default@1.0.1:
     resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz}
@@ -5975,6 +6034,25 @@ packages:
     engines: {node: '>=0.10.0'}
     dev: true
 
+  registry.npmmirror.com/ip-address@9.0.5:
+    resolution: {integrity: sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ip-address/-/ip-address-9.0.5.tgz}
+    name: ip-address
+    version: 9.0.5
+    engines: {node: '>= 12'}
+    dependencies:
+      jsbn: registry.npmmirror.com/jsbn@1.1.0
+      sprintf-js: registry.npmmirror.com/sprintf-js@1.1.3
+    dev: false
+
+  registry.npmmirror.com/ip6addr@0.2.5:
+    resolution: {integrity: sha512-9RGGSB6Zc9Ox5DpDGFnJdIeF0AsqXzdH+FspCfPPaU/L/4tI6P+5lIoFUFm9JXs9IrJv1boqAaNCQmoDADTSKQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ip6addr/-/ip6addr-0.2.5.tgz}
+    name: ip6addr
+    version: 0.2.5
+    dependencies:
+      assert-plus: registry.npmmirror.com/assert-plus@1.0.0
+      jsprim: registry.npmmirror.com/jsprim@2.0.2
+    dev: false
+
   registry.npmmirror.com/ipaddr.js@1.9.1:
     resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ipaddr.js/-/ipaddr.js-1.9.1.tgz}
     name: ipaddr.js
@@ -6511,6 +6589,12 @@ packages:
     version: 0.1.1
     dev: false
 
+  registry.npmmirror.com/jsbn@1.1.0:
+    resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsbn/-/jsbn-1.1.0.tgz}
+    name: jsbn
+    version: 1.1.0
+    dev: false
+
   registry.npmmirror.com/jsesc@0.5.0:
     resolution: {integrity: sha512-uZz5UnB7u4T9LvwmFqXii7pZSouaRPorGs5who1Ip7VO0wxanFvBL7GkM6dTHlgX+jhBApRetaWpnDabOeTcnA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsesc/-/jsesc-0.5.0.tgz}
     name: jsesc
@@ -6543,6 +6627,12 @@ packages:
     version: 0.2.3
     dev: false
 
+  registry.npmmirror.com/json-schema@0.4.0:
+    resolution: {integrity: sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/json-schema/-/json-schema-0.4.0.tgz}
+    name: json-schema
+    version: 0.4.0
+    dev: false
+
   registry.npmmirror.com/json-stable-stringify-without-jsonify@1.0.1:
     resolution: {integrity: sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz}
     name: json-stable-stringify-without-jsonify
@@ -6582,6 +6672,24 @@ packages:
       verror: registry.npmmirror.com/verror@1.10.0
     dev: false
 
+  registry.npmmirror.com/jsprim@2.0.2:
+    resolution: {integrity: sha512-gqXddjPqQ6G40VdnI6T6yObEC+pDNvyP95wdQhkWkg7crHH3km5qP1FsOXEkzEQwnz6gz5qGTn1c2Y52wP3OyQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsprim/-/jsprim-2.0.2.tgz}
+    name: jsprim
+    version: 2.0.2
+    engines: {'0': node >=0.6.0}
+    dependencies:
+      assert-plus: registry.npmmirror.com/assert-plus@1.0.0
+      extsprintf: registry.npmmirror.com/extsprintf@1.3.0
+      json-schema: registry.npmmirror.com/json-schema@0.4.0
+      verror: registry.npmmirror.com/verror@1.10.0
+    dev: false
+
+  registry.npmmirror.com/jsrsasign@11.1.0:
+    resolution: {integrity: sha512-Ov74K9GihaK9/9WncTe1mPmvrO7Py665TUfUKvraXBpu+xcTWitrtuOwcjf4KMU9maPaYn0OuaWy0HOzy/GBXg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsrsasign/-/jsrsasign-11.1.0.tgz}
+    name: jsrsasign
+    version: 11.1.0
+    dev: false
+
   registry.npmmirror.com/just-debounce@1.1.0:
     resolution: {integrity: sha512-qpcRocdkUmf+UTNBYx5w6dexX5J31AKK1OmPwH630a83DdVVUIngk55RSAiIGpQyoH0dlr872VHfPjnQnK1qDQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/just-debounce/-/just-debounce-1.1.0.tgz}
     name: just-debounce
@@ -6851,6 +6959,13 @@ packages:
     dependencies:
       yallist: registry.npmmirror.com/yallist@4.0.0
 
+  registry.npmmirror.com/luxon@3.4.4:
+    resolution: {integrity: sha512-zobTr7akeGHnv7eBOXcRgMeCP6+uyYsczwmeRCauvpvaAltgNyTbLH/+VaEAPUeWBT+1GuNmz4wC/6jtQzbbVA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/luxon/-/luxon-3.4.4.tgz}
+    name: luxon
+    version: 3.4.4
+    engines: {node: '>=12'}
+    dev: false
+
   registry.npmmirror.com/magic-string@0.23.2:
     resolution: {integrity: sha512-oIUZaAxbcxYIp4AyLafV6OVKoB3YouZs0UTCJ8mOKBHNyJgGDaMJ4TgA+VylJh6fx7EQCC52XkbURxxG9IoJXA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/magic-string/-/magic-string-0.23.2.tgz}
     name: magic-string
@@ -6923,6 +7038,16 @@ packages:
       - supports-color
     dev: true
 
+  registry.npmmirror.com/maxmind@4.3.19:
+    resolution: {integrity: sha512-Bu/VEN7ZWAOCjifdZaXJQuN6/yO7+OK35pnJsqmz8sOndK3KQFvJoY+6HX09/MmLLqtCfa+sMK0iaQOaTejGNA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/maxmind/-/maxmind-4.3.19.tgz}
+    name: maxmind
+    version: 4.3.19
+    engines: {node: '>=12', npm: '>=6'}
+    dependencies:
+      mmdb-lib: registry.npmmirror.com/mmdb-lib@2.1.0
+      tiny-lru: registry.npmmirror.com/tiny-lru@11.2.6
+    dev: false
+
   registry.npmmirror.com/md5.js@1.3.5:
     resolution: {integrity: sha512-xitP+WxNPcTTOgnTJcrhM0xvdPepipPSf3I8EIpGKeFLjt3PlJLIDG3u8EX53ZIubkb+5U2+3rELYpEhHhzdkg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/md5.js/-/md5.js-1.3.5.tgz}
     name: md5.js
@@ -7112,6 +7237,13 @@ packages:
     version: 0.5.3
     dev: true
 
+  registry.npmmirror.com/mmdb-lib@2.1.0:
+    resolution: {integrity: sha512-tdDTZmnI5G4UoSctv2KxM/3VQt2XRj4CmR5R4VsAWsOUcS3LysHR34wtixWm/pXxXdkBDuN92auxkC0T2+qd1Q==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/mmdb-lib/-/mmdb-lib-2.1.0.tgz}
+    name: mmdb-lib
+    version: 2.1.0
+    engines: {node: '>=10', npm: '>=6'}
+    dev: false
+
   registry.npmmirror.com/mocha@10.0.0:
     resolution: {integrity: sha512-0Wl+elVUD43Y0BqPZBzZt8Tnkw9CMUdNYnUsTfOM1vuhJVZL+kiesFYsqwBkEEuEixaiPe5ZQdqDgX2jddhmoA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/mocha/-/mocha-10.0.0.tgz}
     name: mocha
@@ -8982,6 +9114,12 @@ packages:
     version: 1.0.3
     dev: false
 
+  registry.npmmirror.com/sprintf-js@1.1.3:
+    resolution: {integrity: sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/sprintf-js/-/sprintf-js-1.1.3.tgz}
+    name: sprintf-js
+    version: 1.1.3
+    dev: false
+
   registry.npmmirror.com/sshpk@1.16.1:
     resolution: {integrity: sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/sshpk/-/sshpk-1.16.1.tgz}
     name: sshpk
@@ -9320,7 +9458,7 @@ packages:
     dependencies:
       acorn: registry.npmmirror.com/acorn@8.7.1
       commander: registry.npmmirror.com/commander@2.20.3
-      source-map: 0.6.1
+      source-map: registry.npmmirror.com/source-map@0.6.1
       source-map-support: registry.npmmirror.com/source-map-support@0.5.21
     dev: true
 
@@ -9404,6 +9542,13 @@ packages:
       process: registry.npmmirror.com/process@0.11.10
     dev: true
 
+  registry.npmmirror.com/tiny-lru@11.2.6:
+    resolution: {integrity: sha512-0PU3c9PjMnltZaFo2sGYv/nnJsMjG0Cxx8X6FXHPPGjFyoo1SJDxvUXW1207rdiSxYizf31roo+GrkIByQeZoA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/tiny-lru/-/tiny-lru-11.2.6.tgz}
+    name: tiny-lru
+    version: 11.2.6
+    engines: {node: '>=12'}
+    dev: false
+
   registry.npmmirror.com/tinyify@3.0.0:
     resolution: {integrity: sha512-RtjVjC1xwwxt8AMVfxEmo+FzRJB6p5sAOtFaJj8vMrkWShtArsM4dLVRWhx2Vc07Me3NWgmP7pi9UPm/a2XNNA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/tinyify/-/tinyify-3.0.0.tgz}
     name: tinyify

backend/src/constants.js

@@ -10,6 +10,8 @@ export const GIST_BACKUP_KEY = 'Auto Generated Sub-Store Backup';
 export const GIST_BACKUP_FILE_NAME = 'Sub-Store';
 export const ARTIFACT_REPOSITORY_KEY = 'Sub-Store Artifacts Repository';
 export const RESOURCE_CACHE_KEY = '#sub-store-cached-resource';
+export const HEADERS_RESOURCE_CACHE_KEY = '#sub-store-cached-headers-resource';
+export const CHR_EXPIRATION_TIME_KEY = '#sub-store-chr-expiration-time'; // Custom expiration time key; (Loon|Surge) Default write 1 min
 export const CACHE_EXPIRATION_TIME_MS = 60 * 60 * 1000; // 1 hour
 export const SCRIPT_RESOURCE_CACHE_KEY = '#sub-store-cached-script-resource'; // cached-script-resource CSR
 export const CSR_EXPIRATION_TIME_KEY = '#sub-store-csr-expiration-time'; // Custom expiration time key; (Loon|Surge) Default write 48 hour

backend/src/core/proxy-utils/index.js

@@ -1,10 +1,26 @@
+import { Buffer } from 'buffer';
+import rs from '@/utils/rs';
+import YAML from '@/utils/yaml';
 import download from '@/utils/download';
-import { isIPv4, isIPv6 } from '@/utils';
+import {
+    isIPv4,
+    isIPv6,
+    isValidPortNumber,
+    isNotBlank,
+    ipAddress,
+    getRandomPort,
+    numberToString,
+} from '@/utils';
 import PROXY_PROCESSORS, { ApplyProcessor } from './processors';
 import PROXY_PREPROCESSORS from './preprocessors';
 import PROXY_PRODUCERS from './producers';
 import PROXY_PARSERS from './parsers';
 import $ from '@/core/app';
+import { FILES_KEY, MODULES_KEY } from '@/constants';
+import { findByName } from '@/utils/database';
+import { produceArtifact } from '@/restful/sync';
+import { getFlag, removeFlag, getISO, MMDB } from '@/utils/geo';
+import Gist from '@/utils/gist';
 
 function preprocess(raw) {
     for (const processor of PROXY_PREPROCESSORS) {
@@ -59,11 +75,16 @@ function parse(raw) {
             $.error(`Failed to parse line: ${line}`);
         }
     }
-
     return proxies;
 }
 
-async function process(proxies, operators = [], targetPlatform, source) {
+async function processFn(
+    proxies,
+    operators = [],
+    targetPlatform,
+    source,
+    $options,
+) {
     for (const item of operators) {
         // process script
         let script;
@@ -72,7 +93,7 @@ async function process(proxies, operators = [], targetPlatform, source) {
             const { mode, content } = item.args;
             if (mode === 'link') {
                 let noCache;
-                let url = content;
+                let url = content || '';
                 if (url.endsWith('#noCache')) {
                     url = url.replace(/#noCache$/, '');
                     noCache = true;
@@ -95,18 +116,50 @@ async function process(proxies, operators = [], targetPlatform, source) {
                         }
                     }
                 }
+                url = `${url.split('#')[0]}${noCache ? '#noCache' : ''}`;
+                const downloadUrlMatch = url.match(
+                    /^\/api\/(file|module)\/(.+)/,
+                );
+                if (downloadUrlMatch) {
+                    let type = '';
+                    try {
+                        type = downloadUrlMatch?.[1];
+                        let name = downloadUrlMatch?.[2];
+                        if (name == null) {
+                            throw new Error(`本地 ${type} URL 无效: ${url}`);
+                        }
+                        name = decodeURIComponent(name);
+                        const key = type === 'module' ? MODULES_KEY : FILES_KEY;
+                        const item = findByName($.read(key), name);
+                        if (!item) {
+                            throw new Error(`找不到 ${type}: ${name}`);
+                        }
 
-                // if this is a remote script, download it
-                try {
-                    script = await download(
-                        `${url.split('#')[0]}${noCache ? '#noCache' : ''}`,
-                    );
-                    // $.info(`Script loaded: >>>\n ${script}`);
-                } catch (err) {
-                    $.error(
-                        `Error when downloading remote script: ${item.args.content}.\n Reason: ${err}`,
-                    );
-                    throw new Error(`无法下载脚本: ${url}`);
+                        if (type === 'module') {
+                            script = item.content;
+                        } else {
+                            script = await produceArtifact({
+                                type: 'file',
+                                name,
+                            });
+                        }
+                    } catch (err) {
+                        $.error(
+                            `Error when loading ${type}: ${item.args.content}.\n Reason: ${err}`,
+                        );
+                        throw new Error(`无法加载 ${type}: ${url}`);
+                    }
+                } else {
+                    // if this is a remote script, download it
+                    try {
+                        script = await download(url);
+                        // $.info(`Script loaded: >>>\n ${script}`);
+                    } catch (err) {
+                        $.error(
+                            `Error when downloading remote script: ${item.args.content}.\n Reason: ${err}`,
+                        );
+                        throw new Error(`无法下载脚本: ${url}`);
+                    }
                 }
             } else {
                 script = content;
@@ -118,7 +171,7 @@ async function process(proxies, operators = [], targetPlatform, source) {
             continue;
         }
 
-        $.info(
+        $.log(
             `Applying "${item.type}" with arguments:\n >>> ${
                 JSON.stringify(item.args, null, 2) || 'None'
             }`,
@@ -130,6 +183,7 @@ async function process(proxies, operators = [], targetPlatform, source) {
                 targetPlatform,
                 $arguments,
                 source,
+                $options,
             );
         } else {
             processor = PROXY_PROCESSORS[item.type](item.args || {});
@@ -139,35 +193,61 @@ async function process(proxies, operators = [], targetPlatform, source) {
     return proxies;
 }
 
-function produce(proxies, targetPlatform, type) {
+function produce(proxies, targetPlatform, type, opts = {}) {
     const producer = PROXY_PRODUCERS[targetPlatform];
     if (!producer) {
         throw new Error(`Target platform: ${targetPlatform} is not supported!`);
     }
 
+    const sni_off_supported = /Surge|SurgeMac|Shadowrocket/i.test(
+        targetPlatform,
+    );
+
     // filter unsupported proxies
     proxies = proxies.filter(
         (proxy) =>
             !(proxy.supported && proxy.supported[targetPlatform] === false),
     );
 
-    $.info(`Producing proxies for target: ${targetPlatform}`);
+    proxies = proxies.map((proxy) => {
+        proxy._resolved = proxy.resolved;
+
+        if (!isNotBlank(proxy.name)) {
+            proxy.name = `${proxy.type} ${proxy.server}:${proxy.port}`;
+        }
+        if (proxy['disable-sni']) {
+            if (sni_off_supported) {
+                proxy.sni = 'off';
+            } else if (!['tuic'].includes(proxy.type)) {
+                $.error(
+                    `Target platform ${targetPlatform} does not support sni off. Proxy's fields (sni, tls-fingerprint and skip-cert-verify) will be modified.`,
+                );
+                proxy.sni = '';
+                proxy['skip-cert-verify'] = true;
+                delete proxy['tls-fingerprint'];
+            }
+        }
+
+        // 处理 端口跳跃
+        if (proxy.ports) {
+            proxy.ports = String(proxy.ports);
+            if (!['ClashMeta'].includes(targetPlatform)) {
+                proxy.ports = proxy.ports.replace(/\//g, ',');
+            }
+            if (!proxy.port) {
+                proxy.port = getRandomPort(proxy.ports);
+            }
+        }
+
+        return proxy;
+    });
+
+    $.log(`Producing proxies for target: ${targetPlatform}`);
     if (typeof producer.type === 'undefined' || producer.type === 'SINGLE') {
-        let localPort = 10000;
-        return proxies
+        let list = proxies
             .map((proxy) => {
                 try {
-                    let line = producer.produce(proxy, type);
-                    if (
-                        line.length > 0 &&
-                        line.includes('__SubStoreLocalPort__')
-                    ) {
-                        line = line.replace(
-                            /__SubStoreLocalPort__/g,
-                            localPort++,
-                        );
-                    }
-                    return line;
+                    return producer.produce(proxy, type, opts);
                 } catch (err) {
                     $.error(
                         `Cannot produce proxy: ${JSON.stringify(
@@ -179,20 +259,40 @@ function produce(proxies, targetPlatform, type) {
                     return '';
                 }
             })
-            .filter((line) => line.length > 0)
-            .join('\n');
+            .filter((line) => line.length > 0);
+        list = type === 'internal' ? list : list.join('\n');
+        if (
+            targetPlatform.startsWith('Surge') &&
+            proxies.length > 0 &&
+            proxies.every((p) => p.type === 'wireguard')
+        ) {
+            list = `#!name=${proxies[0]?._subName}
+#!desc=${proxies[0]?._desc ?? ''}
+#!category=${proxies[0]?._category ?? ''}
+${list}`;
+        }
+        return list;
     } else if (producer.type === 'ALL') {
-        return producer.produce(proxies, type);
+        return producer.produce(proxies, type, opts);
     }
 }
 
 export const ProxyUtils = {
     parse,
-    process,
+    process: processFn,
     produce,
+    ipAddress,
+    getRandomPort,
     isIPv4,
     isIPv6,
     isIP,
+    yaml: YAML,
+    getFlag,
+    removeFlag,
+    getISO,
+    MMDB,
+    Gist,
+    download,
 };
 
 function tryParse(parser, line) {
@@ -213,43 +313,102 @@ function safeMatch(parser, line) {
     }
 }
 
+function formatTransportPath(path) {
+    if (typeof path === 'string' || typeof path === 'number') {
+        path = String(path).trim();
+
+        if (path === '') {
+            return '/';
+        } else if (!path.startsWith('/')) {
+            return '/' + path;
+        }
+    }
+    return path;
+}
+
 function lastParse(proxy) {
+    if (typeof proxy.password === 'number') {
+        proxy.password = numberToString(proxy.password);
+    }
+    if (proxy.interface) {
+        proxy['interface-name'] = proxy.interface;
+        delete proxy.interface;
+    }
+    if (isValidPortNumber(proxy.port)) {
+        proxy.port = parseInt(proxy.port, 10);
+    }
     if (proxy.server) {
-        proxy.server = proxy.server
+        proxy.server = `${proxy.server}`
             .trim()
             .replace(/^\[/, '')
             .replace(/\]$/, '');
     }
+    if (proxy.network === 'ws') {
+        if (!proxy['ws-opts'] && (proxy['ws-path'] || proxy['ws-headers'])) {
+            proxy['ws-opts'] = {};
+            if (proxy['ws-path']) {
+                proxy['ws-opts'].path = proxy['ws-path'];
+            }
+            if (proxy['ws-headers']) {
+                proxy['ws-opts'].headers = proxy['ws-headers'];
+            }
+        }
+        delete proxy['ws-path'];
+        delete proxy['ws-headers'];
+    }
+
+    const transportPath = proxy[`${proxy.network}-opts`]?.path;
+
+    if (Array.isArray(transportPath)) {
+        proxy[`${proxy.network}-opts`].path = transportPath.map((item) =>
+            formatTransportPath(item),
+        );
+    } else if (transportPath != null) {
+        proxy[`${proxy.network}-opts`].path =
+            formatTransportPath(transportPath);
+    }
+
     if (proxy.type === 'trojan') {
         if (proxy.network === 'tcp') {
             delete proxy.network;
         }
     }
-    if (['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(proxy.type)) {
+    if (['vless'].includes(proxy.type)) {
+        if (!proxy.network) {
+            proxy.network = 'tcp';
+        }
+    }
+    if (
+        ['trojan', 'tuic', 'hysteria', 'hysteria2', 'juicity'].includes(
+            proxy.type,
+        )
+    ) {
         proxy.tls = true;
     }
     if (proxy.network) {
         let transportHost = proxy[`${proxy.network}-opts`]?.headers?.Host;
         let transporthost = proxy[`${proxy.network}-opts`]?.headers?.host;
-        if (transporthost && !transportHost) {
+        if (proxy.network === 'h2') {
+            if (!transporthost && transportHost) {
+                proxy[`${proxy.network}-opts`].headers.host = transportHost;
+                delete proxy[`${proxy.network}-opts`].headers.Host;
+            }
+        } else if (transporthost && !transportHost) {
             proxy[`${proxy.network}-opts`].headers.Host = transporthost;
             delete proxy[`${proxy.network}-opts`].headers.host;
         }
     }
-    if (proxy.tls && !proxy.sni) {
-        if (proxy.network) {
-            let transportHost = proxy[`${proxy.network}-opts`]?.headers?.Host;
-            transportHost = Array.isArray(transportHost)
-                ? transportHost[0]
-                : transportHost;
-            if (transportHost) {
-                proxy.sni = transportHost;
-            }
+    if (proxy.network === 'h2') {
+        const host = proxy['h2-opts']?.headers?.host;
+        const path = proxy['h2-opts']?.path;
+        if (host && !Array.isArray(host)) {
+            proxy['h2-opts'].headers.host = [host];
         }
-        if (!proxy.sni && !isIP(proxy.server)) {
-            proxy.sni = proxy.server;
+        if (Array.isArray(path)) {
+            proxy['h2-opts'].path = path[0];
         }
     }
+
     // 非 tls, 有 ws/http 传输层, 使用域名的节点, 将设置传输层 Host 防止之后域名解析后丢失域名(不覆盖现有的 Host)
     if (
         !proxy.tls &&
@@ -276,9 +435,122 @@ function lastParse(proxy) {
             proxy[`${proxy.network}-opts`].path = [transportPath];
         }
     }
-    if (['hysteria', 'hysteria2'].includes(proxy.type) && !proxy.ports) {
+    if (proxy.tls && !proxy.sni) {
+        if (!isIP(proxy.server)) {
+            proxy.sni = proxy.server;
+        }
+        if (!proxy.sni && proxy.network) {
+            let transportHost = proxy[`${proxy.network}-opts`]?.headers?.Host;
+            transportHost = Array.isArray(transportHost)
+                ? transportHost[0]
+                : transportHost;
+            if (transportHost) {
+                proxy.sni = transportHost;
+            }
+        }
+    }
+    // if (['hysteria', 'hysteria2', 'tuic'].includes(proxy.type)) {
+    if (proxy.ports) {
+        proxy.ports = String(proxy.ports).replace(/\//g, ',');
+    } else {
         delete proxy.ports;
     }
+    // }
+    if (
+        ['hysteria2'].includes(proxy.type) &&
+        proxy.obfs &&
+        !['salamander'].includes(proxy.obfs) &&
+        !proxy['obfs-password']
+    ) {
+        proxy['obfs-password'] = proxy.obfs;
+        proxy.obfs = 'salamander';
+    }
+    if (['vless'].includes(proxy.type)) {
+        // 删除 reality-opts: {}
+        if (
+            proxy['reality-opts'] &&
+            Object.keys(proxy['reality-opts']).length === 0
+        ) {
+            delete proxy['reality-opts'];
+        }
+        // 删除 grpc-opts: {}
+        if (
+            proxy['grpc-opts'] &&
+            Object.keys(proxy['grpc-opts']).length === 0
+        ) {
+            delete proxy['grpc-opts'];
+        }
+        // 非 reality, 空 flow 没有意义
+        if (!proxy['reality-opts'] && !proxy.flow) {
+            delete proxy.flow;
+        }
+        if (['http'].includes(proxy.network)) {
+            let transportPath = proxy[`${proxy.network}-opts`]?.path;
+            if (!transportPath) {
+                if (!proxy[`${proxy.network}-opts`]) {
+                    proxy[`${proxy.network}-opts`] = {};
+                }
+                proxy[`${proxy.network}-opts`].path = ['/'];
+            }
+        }
+    }
+
+    if (typeof proxy.name !== 'string') {
+        if (/^\d+$/.test(proxy.name)) {
+            proxy.name = `${proxy.name}`;
+        } else {
+            try {
+                if (proxy.name?.data) {
+                    proxy.name = Buffer.from(proxy.name.data).toString('utf8');
+                } else {
+                    proxy.name = Buffer.from(proxy.name).toString('utf8');
+                }
+            } catch (e) {
+                $.error(`proxy.name decode failed\nReason: ${e}`);
+                proxy.name = `${proxy.type} ${proxy.server}:${proxy.port}`;
+            }
+        }
+    }
+    if (['ws', 'http', 'h2'].includes(proxy.network)) {
+        if (
+            ['ws', 'h2'].includes(proxy.network) &&
+            !proxy[`${proxy.network}-opts`]?.path
+        ) {
+            proxy[`${proxy.network}-opts`] =
+                proxy[`${proxy.network}-opts`] || {};
+            proxy[`${proxy.network}-opts`].path = '/';
+        } else if (
+            proxy.network === 'http' &&
+            (!Array.isArray(proxy[`${proxy.network}-opts`]?.path) ||
+                proxy[`${proxy.network}-opts`]?.path.every((i) => !i))
+        ) {
+            proxy[`${proxy.network}-opts`] =
+                proxy[`${proxy.network}-opts`] || {};
+            proxy[`${proxy.network}-opts`].path = ['/'];
+        }
+    }
+    if (['', 'off'].includes(proxy.sni)) {
+        proxy['disable-sni'] = true;
+    }
+    let caStr = proxy['ca_str'];
+    if (proxy['ca-str']) {
+        caStr = proxy['ca-str'];
+    } else if (caStr) {
+        delete proxy['ca_str'];
+        proxy['ca-str'] = caStr;
+    }
+    try {
+        if ($.env.isNode && !caStr && proxy['_ca']) {
+            caStr = $.node.fs.readFileSync(proxy['_ca'], {
+                encoding: 'utf8',
+            });
+        }
+    } catch (e) {
+        $.error(`Read ca file failed\nReason: ${e}`);
+    }
+    if (!proxy['tls-fingerprint'] && caStr) {
+        proxy['tls-fingerprint'] = rs.generateFingerprint(caStr);
+    }
     return proxy;
 }
 

backend/src/core/proxy-utils/parsers/index.js

@@ -1,4 +1,12 @@
-import { getIfNotBlank, isPresent, isNotBlank, getIfPresent } from '@/utils';
+import {
+    isIPv4,
+    isIPv6,
+    getIfNotBlank,
+    isPresent,
+    isNotBlank,
+    getIfPresent,
+    getRandomPort,
+} from '@/utils';
 import getSurgeParser from './peggy/surge';
 import getLoonParser from './peggy/loon';
 import getQXParser from './peggy/qx';
@@ -6,9 +14,23 @@ import getTrojanURIParser from './peggy/trojan-uri';
 
 import { Base64 } from 'js-base64';
 
+function surge_port_hopping(raw) {
+    const [parts, port_hopping] =
+        raw.match(
+            /,\s*?port-hopping\s*?=\s*?["']?\s*?((\d+(-\d+)?)([,;]\d+(-\d+)?)*)\s*?["']?\s*?/,
+        ) || [];
+    return {
+        port_hopping: port_hopping
+            ? port_hopping.replace(/;/g, ',')
+            : undefined,
+        line: parts ? raw.replace(parts, '') : raw,
+    };
+}
+
 // Parse SS URI format (only supports new SIP002, legacy format is depreciated).
 // reference: https://github.com/shadowsocks/shadowsocks-org/wiki/SIP002-URI-Scheme
 function URI_SS() {
+    // TODO: 暂不支持 httpupgrade
     const name = 'URI SS Parser';
     const test = (line) => {
         return /^ss:\/\//.test(line);
@@ -25,8 +47,27 @@ function URI_SS() {
         // handle IPV4 and IPV6
         let serverAndPortArray = content.match(/@([^/]*)(\/|$)/);
         let userInfoStr = Base64.decode(content.split('@')[0]);
+        let query = '';
         if (!serverAndPortArray) {
+            if (content.includes('?')) {
+                const parsed = content.match(/^(.*)(\?.*)$/);
+                content = parsed[1];
+                query = parsed[2];
+            }
             content = Base64.decode(content);
+            if (query) {
+                if (/(&|\?)v2ray-plugin=/.test(query)) {
+                    const parsed = query.match(/(&|\?)v2ray-plugin=(.*?)(&|$)/);
+                    let v2rayPlugin = parsed[2];
+                    if (v2rayPlugin) {
+                        proxy.plugin = 'v2ray-plugin';
+                        proxy['plugin-opts'] = JSON.parse(
+                            Base64.decode(v2rayPlugin),
+                        );
+                    }
+                }
+                content = `${content}${query}`;
+            }
             userInfoStr = content.split('@')[0];
             serverAndPortArray = content.match(/@([^/]*)(\/|$)/);
         }
@@ -37,9 +78,9 @@ function URI_SS() {
             /\d+/,
         )?.[0];
 
-        const userInfo = userInfoStr.split(':');
-        proxy.cipher = userInfo[0];
-        proxy.password = userInfo[1];
+        const userInfo = userInfoStr.match(/(^.*?):(.*$)/);
+        proxy.cipher = userInfo[1];
+        proxy.password = userInfo[2];
 
         // handle obfs
         const idx = content.indexOf('?plugin=');
@@ -63,7 +104,7 @@ function URI_SS() {
                     };
                     break;
                 case 'v2ray-plugin':
-                    proxy.obfs = 'v2ray-plugin';
+                    proxy.plugin = 'v2ray-plugin';
                     proxy['plugin-opts'] = {
                         mode: 'websocket',
                         host: getIfNotBlank(params['obfs-host']),
@@ -77,6 +118,12 @@ function URI_SS() {
                     );
             }
         }
+        if (/(&|\?)uot=(1|true)/i.test(query)) {
+            proxy['udp-over-tcp'] = true;
+        }
+        if (/(&|\?)tfo=(1|true)/i.test(query)) {
+            proxy.tfo = true;
+        }
         return proxy;
     };
     return { name, test, parse };
@@ -125,7 +172,7 @@ function URI_SSR() {
             for (const item of line) {
                 let [key, val] = item.split('=');
                 val = val.trim();
-                if (val.length > 0) {
+                if (val.length > 0 && val !== '(null)') {
                     other_params[key] = val;
                 }
             }
@@ -241,11 +288,17 @@ function URI_VMess() {
                 params.port = port;
                 params.add = server;
             }
+            const server = params.add;
+            const port = parseInt(getIfPresent(params.port), 10);
             const proxy = {
-                name: params.ps ?? params.remarks,
+                name:
+                    params.ps ??
+                    params.remarks ??
+                    params.remark ??
+                    `VMess ${server}:${port}`,
                 type: 'vmess',
-                server: params.add,
-                port: parseInt(getIfPresent(params.port), 10),
+                server,
+                port,
                 cipher: getIfPresent(params.scy, 'auto'),
                 uuid: params.id,
                 alterId: parseInt(
@@ -257,20 +310,35 @@ function URI_VMess() {
                     ? !params.verify_cert
                     : undefined,
             };
+            if (!proxy['skip-cert-verify'] && isPresent(params.allowInsecure)) {
+                proxy['skip-cert-verify'] = /(TRUE)|1/i.test(
+                    params.allowInsecure,
+                );
+            }
             // https://github.com/2dust/v2rayN/wiki/%E5%88%86%E4%BA%AB%E9%93%BE%E6%8E%A5%E6%A0%BC%E5%BC%8F%E8%AF%B4%E6%98%8E(ver-2)
             if (proxy.tls && proxy.sni) {
                 proxy.sni = params.sni;
             }
+            let httpupgrade = false;
             // handle obfs
             if (params.net === 'ws' || params.obfs === 'websocket') {
                 proxy.network = 'ws';
             } else if (
-                ['tcp', 'http'].includes(params.net) ||
-                params.obfs === 'http'
+                ['http'].includes(params.net) ||
+                ['http'].includes(params.obfs) ||
+                ['http'].includes(params.type)
             ) {
                 proxy.network = 'http';
             } else if (['grpc'].includes(params.net)) {
                 proxy.network = 'grpc';
+            } else if (
+                params.net === 'httpupgrade' ||
+                proxy.network === 'httpupgrade'
+            ) {
+                proxy.network = 'ws';
+                httpupgrade = true;
+            } else if (params.net === 'h2' || proxy.network === 'h2') {
+                proxy.network = 'h2';
             }
             if (proxy.network) {
                 let transportHost = params.host ?? params.obfsParam;
@@ -286,6 +354,10 @@ function URI_VMess() {
 
                 if (proxy.network === 'http') {
                     if (transportHost) {
+                        // 1)http(tcp)->host中间逗号(,)隔开
+                        transportHost = transportHost
+                            .split(',')
+                            .map((i) => i.trim());
                         transportHost = Array.isArray(transportHost)
                             ? transportHost[0]
                             : transportHost;
@@ -294,8 +366,11 @@ function URI_VMess() {
                         transportPath = Array.isArray(transportPath)
                             ? transportPath[0]
                             : transportPath;
+                    } else {
+                        transportPath = '/';
                     }
                 }
+                // 传输层应该有配置, 暂时不考虑兼容不给配置的节点
                 if (transportPath || transportHost) {
                     if (['grpc'].includes(proxy.network)) {
                         proxy[`${proxy.network}-opts`] = {
@@ -303,20 +378,19 @@ function URI_VMess() {
                             '_grpc-type': getIfNotBlank(params.type),
                         };
                     } else {
-                        proxy[`${proxy.network}-opts`] = {
+                        const opts = {
                             path: getIfNotBlank(transportPath),
                             headers: { Host: getIfNotBlank(transportHost) },
                         };
+                        if (httpupgrade) {
+                            opts['v2ray-http-upgrade'] = true;
+                            opts['v2ray-http-upgrade-fast-open'] = true;
+                        }
+                        proxy[`${proxy.network}-opts`] = opts;
                     }
                 } else {
                     delete proxy.network;
                 }
-
-                // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L413
-                // sni 优先级应高于 host
-                if (proxy.tls && !proxy.sni && transportHost) {
-                    proxy.sni = transportHost;
-                }
             }
             return proxy;
         }
@@ -331,12 +405,27 @@ function URI_VLESS() {
     };
     const parse = (line) => {
         line = line.split('vless://')[1];
+        let isShadowrocket;
+        let parsed = /^(.*?)@(.*?):(\d+)\/?(\?(.*?))?(?:#(.*?))?$/.exec(line);
+        if (!parsed) {
+            // eslint-disable-next-line no-unused-vars
+            let [_, base64, other] = /^(.*?)(\?.*?$)/.exec(line);
+            line = `${Base64.decode(base64)}${other}`;
+            parsed = /^(.*?)@(.*?):(\d+)\/?(\?(.*?))?(?:#(.*?))?$/.exec(line);
+            isShadowrocket = true;
+        }
         // eslint-disable-next-line no-unused-vars
-        let [__, uuid, server, port, addons, name] =
-            /^(.*?)@(.*?):(\d+)\/?\?(.*?)(?:#(.*?))$/.exec(line);
+        let [__, uuid, server, port, ___, addons = '', name] = parsed;
+        if (isShadowrocket) {
+            uuid = uuid.replace(/^.*?:/g, '');
+        }
+
         port = parseInt(`${port}`, 10);
         uuid = decodeURIComponent(uuid);
-        name = decodeURIComponent(name) ?? `VLESS ${server}:${port}`;
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+
         const proxy = {
             type: 'vless',
             name,
@@ -352,9 +441,28 @@ function URI_VLESS() {
             params[key] = value;
         }
 
+        proxy.name =
+            name ??
+            params.remarks ??
+            params.remark ??
+            `VLESS ${server}:${port}`;
+
         proxy.tls = params.security && params.security !== 'none';
-        proxy.sni = params.sni;
+        if (isShadowrocket && /TRUE|1/i.test(params.tls)) {
+            proxy.tls = true;
+            params.security = params.security ?? 'reality';
+        }
+        proxy.sni = params.sni || params.peer;
         proxy.flow = params.flow;
+        if (!proxy.flow && isShadowrocket && params.xtls) {
+            // "none" is undefined
+            const flow = [undefined, 'xtls-rprx-direct', 'xtls-rprx-vision'][
+                params.xtls
+            ];
+            if (flow) {
+                proxy.flow = flow;
+            }
+        }
         proxy['client-fingerprint'] = params.fp;
         proxy.alpn = params.alpn ? params.alpn.split(',') : undefined;
         proxy['skip-cert-verify'] = /(TRUE)|1/i.test(params.allowInsecure);
@@ -368,37 +476,68 @@ function URI_VLESS() {
                 opts['short-id'] = params.sid;
             }
             if (Object.keys(opts).length > 0) {
+                // proxy[`${params.security}-opts`] = opts;
                 proxy[`${params.security}-opts`] = opts;
             }
         }
-
+        let httpupgrade = false;
         proxy.network = params.type;
+        if (proxy.network === 'tcp' && params.headerType === 'http') {
+            proxy.network = 'http';
+        } else if (proxy.network === 'httpupgrade') {
+            proxy.network = 'ws';
+            httpupgrade = true;
+        }
+        if (!proxy.network && isShadowrocket && params.obfs) {
+            proxy.network = params.obfs;
+        }
+        if (['websocket'].includes(proxy.network)) {
+            proxy.network = 'ws';
+        }
         if (proxy.network && !['tcp', 'none'].includes(proxy.network)) {
             const opts = {};
-            if (params.path) {
-                opts.path = params.path;
-            }
-            if (params.host) {
-                opts.headers = { Host: params.host };
+            const host = params.host ?? params.obfsParam;
+            if (host) {
+                if (params.obfsParam) {
+                    try {
+                        const parsed = JSON.parse(host);
+                        opts.headers = parsed;
+                    } catch (e) {
+                        opts.headers = { Host: host };
+                    }
+                } else {
+                    opts.headers = { Host: host };
+                }
             }
             if (params.serviceName) {
                 opts[`${proxy.network}-service-name`] = params.serviceName;
+            } else if (isShadowrocket && params.path) {
+                if (!['ws', 'http', 'h2'].includes(proxy.network)) {
+                    opts[`${proxy.network}-service-name`] = params.path;
+                    delete params.path;
+                }
+            }
+            if (params.path) {
+                opts.path = params.path;
             }
             // https://github.com/XTLS/Xray-core/issues/91
             if (['grpc'].includes(proxy.network)) {
                 opts['_grpc-type'] = params.mode || 'gun';
             }
+            if (httpupgrade) {
+                opts['v2ray-http-upgrade'] = true;
+                opts['v2ray-http-upgrade-fast-open'] = true;
+            }
             if (Object.keys(opts).length > 0) {
                 proxy[`${proxy.network}-opts`] = opts;
             }
-        }
-
-        if (proxy.tls && !proxy.sni) {
-            if (proxy.network === 'ws') {
-                proxy.sni = proxy['ws-opts']?.headers?.Host;
-            } else if (proxy.network === 'http') {
-                let httpHost = proxy['http-opts']?.headers?.Host;
-                proxy.sni = Array.isArray(httpHost) ? httpHost[0] : httpHost;
+            if (proxy.network === 'kcp') {
+                // mKCP 种子。省略时不使用种子，但不可以为空字符串。建议 mKCP 用户使用 seed。
+                if (params.seed) {
+                    proxy.seed = params.seed;
+                }
+                // mKCP 的伪装头部类型。当前可选值有 none / srtp / utp / wechat-video / dtls / wireguard。省略时默认值为 none，即不使用伪装头部，但不可以为空字符串。
+                proxy.headerType = params.headerType || 'none';
             }
         }
 
@@ -413,21 +552,54 @@ function URI_Hysteria2() {
     };
     const parse = (line) => {
         line = line.split(/(hysteria2|hy2):\/\//)[2];
-        // eslint-disable-next-line no-unused-vars
-        let [__, password, server, ___, port, addons, name] =
-            /^(.*?)@(.*?)(:(\d+))?\/?\?(.*?)(?:#(.*?))$/.exec(line);
-        port = parseInt(`${port}`, 10);
-        if (isNaN(port)) {
+        // 端口跳跃有两种写法:
+        // 1. 服务器的地址和可选端口。如果省略端口，则默认为 443。
+        // 端口部分支持 端口跳跃 的「多端口地址格式」。
+        // https://hysteria.network/zh/docs/advanced/Port-Hopping
+        // 2. 参数 mport
+        let ports;
+        /* eslint-disable no-unused-vars */
+        let [
+            __,
+            password,
+            server,
+            ___,
+            port,
+            ____,
+            _____,
+            ______,
+            _______,
+            ________,
+            addons = '',
+            name,
+        ] = /^(.*?)@(.*?)(:((\d+(-\d+)?)([,;]\d+(-\d+)?)*))?\/?(\?(.*?))?(?:#(.*?))?$/.exec(
+            line,
+        );
+        /* eslint-enable no-unused-vars */
+        if (/^\d+$/.test(port)) {
+            port = parseInt(`${port}`, 10);
+            if (isNaN(port)) {
+                port = 443;
+            }
+        } else if (port) {
+            ports = port;
+            port = getRandomPort(ports);
+        } else {
             port = 443;
         }
+
         password = decodeURIComponent(password);
-        name = decodeURIComponent(name) ?? `Hysteria2 ${server}:${port}`;
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+        name = name ?? `Hysteria2 ${server}:${port}`;
 
         const proxy = {
             type: 'hysteria2',
             name,
             server,
             port,
+            ports,
             password,
         };
 
@@ -447,6 +619,7 @@ function URI_Hysteria2() {
             proxy.obfs = params.obfs;
         }
 
+        proxy.ports = params.mport;
         proxy['obfs-password'] = params['obfs-password'];
         proxy['skip-cert-verify'] = /(TRUE)|1/i.test(params.insecure);
         proxy.tfo = /(TRUE)|1/i.test(params.fastopen);
@@ -456,6 +629,206 @@ function URI_Hysteria2() {
     };
     return { name, test, parse };
 }
+function URI_Hysteria() {
+    const name = 'URI Hysteria Parser';
+    const test = (line) => {
+        return /^(hysteria|hy):\/\//.test(line);
+    };
+    const parse = (line) => {
+        line = line.split(/(hysteria|hy):\/\//)[2];
+        // eslint-disable-next-line no-unused-vars
+        let [__, server, ___, port, ____, addons = '', name] =
+            /^(.*?)(:(\d+))?\/?(\?(.*?))?(?:#(.*?))?$/.exec(line);
+        port = parseInt(`${port}`, 10);
+        if (isNaN(port)) {
+            port = 443;
+        }
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+        name = name ?? `Hysteria ${server}:${port}`;
+
+        const proxy = {
+            type: 'hysteria',
+            name,
+            server,
+            port,
+        };
+        const params = {};
+        for (const addon of addons.split('&')) {
+            let [key, value] = addon.split('=');
+            key = key.replace(/_/, '-');
+            value = decodeURIComponent(value);
+            if (['alpn'].includes(key)) {
+                proxy[key] = value ? value.split(',') : undefined;
+            } else if (['insecure'].includes(key)) {
+                proxy['skip-cert-verify'] = /(TRUE)|1/i.test(value);
+            } else if (['auth'].includes(key)) {
+                proxy['auth-str'] = value;
+            } else if (['mport'].includes(key)) {
+                proxy['ports'] = value;
+            } else if (['obfsParam'].includes(key)) {
+                proxy['obfs'] = value;
+            } else if (['upmbps'].includes(key)) {
+                proxy['up'] = value;
+            } else if (['downmbps'].includes(key)) {
+                proxy['down'] = value;
+            } else if (['obfs'].includes(key)) {
+                // obfs: Obfuscation mode (optional, empty or "xplus")
+                proxy['_obfs'] = value || '';
+            } else if (['fast-open', 'peer'].includes(key)) {
+                params[key] = value;
+            } else {
+                proxy[key] = value;
+            }
+        }
+
+        if (!proxy.sni && params.peer) {
+            proxy.sni = params.peer;
+        }
+        if (!proxy['fast-open'] && params.fastopen) {
+            proxy['fast-open'] = true;
+        }
+        if (!proxy.protocol) {
+            // protocol: protocol to use ("udp", "wechat-video", "faketcp") (optional, default: "udp")
+            proxy.protocol = 'udp';
+        }
+
+        return proxy;
+    };
+    return { name, test, parse };
+}
+function URI_TUIC() {
+    const name = 'URI TUIC Parser';
+    const test = (line) => {
+        return /^tuic:\/\//.test(line);
+    };
+    const parse = (line) => {
+        line = line.split(/tuic:\/\//)[1];
+        // eslint-disable-next-line no-unused-vars
+        let [__, uuid, password, server, ___, port, ____, addons = '', name] =
+            /^(.*?):(.*?)@(.*?)(:(\d+))?\/?(\?(.*?))?(?:#(.*?))?$/.exec(line);
+        port = parseInt(`${port}`, 10);
+        if (isNaN(port)) {
+            port = 443;
+        }
+        password = decodeURIComponent(password);
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+        name = name ?? `TUIC ${server}:${port}`;
+
+        const proxy = {
+            type: 'tuic',
+            name,
+            server,
+            port,
+            password,
+            uuid,
+        };
+
+        for (const addon of addons.split('&')) {
+            let [key, value] = addon.split('=');
+            key = key.replace(/_/, '-');
+            value = decodeURIComponent(value);
+            if (['alpn'].includes(key)) {
+                proxy[key] = value ? value.split(',') : undefined;
+            } else if (['allow-insecure'].includes(key)) {
+                proxy['skip-cert-verify'] = /(TRUE)|1/i.test(value);
+            } else if (['disable-sni', 'reduce-rtt'].includes(key)) {
+                proxy[key] = /(TRUE)|1/i.test(value);
+            } else {
+                proxy[key] = value;
+            }
+        }
+
+        return proxy;
+    };
+    return { name, test, parse };
+}
+function URI_WireGuard() {
+    const name = 'URI WireGuard Parser';
+    const test = (line) => {
+        return /^(wireguard|wg):\/\//.test(line);
+    };
+    const parse = (line) => {
+        line = line.split(/(wireguard|wg):\/\//)[2];
+        /* eslint-disable no-unused-vars */
+        let [
+            __,
+            ___,
+            privateKey,
+            server,
+            ____,
+            port,
+            _____,
+            addons = '',
+            name,
+        ] = /^((.*?)@)?(.*?)(:(\d+))?\/?(\?(.*?))?(?:#(.*?))?$/.exec(line);
+        /* eslint-enable no-unused-vars */
+
+        port = parseInt(`${port}`, 10);
+        if (isNaN(port)) {
+            port = 51820;
+        }
+        privateKey = decodeURIComponent(privateKey);
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+        name = name ?? `WireGuard ${server}:${port}`;
+        const proxy = {
+            type: 'wireguard',
+            name,
+            server,
+            port,
+            'private-key': privateKey,
+            udp: true,
+        };
+        for (const addon of addons.split('&')) {
+            let [key, value] = addon.split('=');
+            key = key.replace(/_/, '-');
+            value = decodeURIComponent(value);
+            if (['reserved'].includes(key)) {
+                const parsed = value
+                    .split(',')
+                    .map((i) => parseInt(i.trim(), 10))
+                    .filter((i) => Number.isInteger(i));
+                if (parsed.length === 3) {
+                    proxy[key] = parsed;
+                }
+            } else if (['address', 'ip'].includes(key)) {
+                value.split(',').map((i) => {
+                    const ip = i
+                        .trim()
+                        .replace(/\/\d+$/, '')
+                        .replace(/^\[/, '')
+                        .replace(/\]$/, '');
+                    if (isIPv4(ip)) {
+                        proxy.ip = ip;
+                    } else if (isIPv6(ip)) {
+                        proxy.ipv6 = ip;
+                    }
+                });
+            } else if (['mtu'].includes(key)) {
+                const parsed = parseInt(value.trim(), 10);
+                if (Number.isInteger(parsed)) {
+                    proxy[key] = parsed;
+                }
+            } else if (/publickey/i.test(key)) {
+                proxy['public-key'] = value;
+            } else if (/privatekey/i.test(key)) {
+                proxy['private-key'] = value;
+            } else if (['udp'].includes(key)) {
+                proxy[key] = /(TRUE)|1/i.test(value);
+            } else if (!['flag'].includes(key)) {
+                proxy[key] = value;
+            }
+        }
+
+        return proxy;
+    };
+    return { name, test, parse };
+}
 
 // Trojan URI format
 function URI_Trojan() {
@@ -506,6 +879,7 @@ function Clash_All() {
                 'hysteria',
                 'hysteria2',
                 'wireguard',
+                'ssh',
             ].includes(proxy.type)
         ) {
             throw new Error(
@@ -517,21 +891,23 @@ function Clash_All() {
         if (['vmess', 'vless'].includes(proxy.type)) {
             proxy.sni = proxy.servername;
             delete proxy.servername;
-            if (proxy.tls && !proxy.sni) {
-                if (proxy.network === 'ws') {
-                    proxy.sni = proxy['ws-opts']?.headers?.Host;
-                } else if (proxy.network === 'http') {
-                    let httpHost = proxy['http-opts']?.headers?.Host;
-                    proxy.sni = Array.isArray(httpHost)
-                        ? httpHost[0]
-                        : httpHost;
-                }
-            }
+        }
+        if (proxy['server-cert-fingerprint']) {
+            proxy['tls-fingerprint'] = proxy['server-cert-fingerprint'];
+        }
+        if (proxy.fingerprint) {
+            proxy['tls-fingerprint'] = proxy.fingerprint;
+        }
+        if (proxy['dialer-proxy']) {
+            proxy['underlying-proxy'] = proxy['dialer-proxy'];
         }
 
         if (proxy['benchmark-url']) {
             proxy['test-url'] = proxy['benchmark-url'];
         }
+        if (proxy['benchmark-timeout']) {
+            proxy['test-timeout'] = proxy['benchmark-timeout'];
+        }
 
         return proxy;
     };
@@ -574,6 +950,15 @@ function QX_VMess() {
     return { name, test, parse };
 }
 
+function QX_VLESS() {
+    const name = 'QX VLESS Parser';
+    const test = (line) => {
+        return /^vless\s*=/.test(line.split(',')[0].trim());
+    };
+    const parse = (line) => getQXParser().parse(line);
+    return { name, test, parse };
+}
+
 function QX_Trojan() {
     const name = 'QX Trojan Parser';
     const test = (line) => {
@@ -675,6 +1060,15 @@ function Loon_Http() {
     const parse = (line) => getLoonParser().parse(line);
     return { name, test, parse };
 }
+function Loon_Socks5() {
+    const name = 'Loon SOCKS5 Parser';
+    const test = (line) => {
+        return /^.*=\s*socks5/i.test(line.split(',')[0]);
+    };
+
+    const parse = (line) => getLoonParser().parse(line);
+    return { name, test, parse };
+}
 
 function Loon_WireGuard() {
     const name = 'Loon WireGuard Parser';
@@ -742,6 +1136,7 @@ function Loon_WireGuard() {
         let publicKey = peers.match(
             /(,|^)\s*?public-key\s*?=\s*?"?(.+?)"?\s*?(,|$)/i,
         )?.[2];
+        // https://github.com/MetaCubeX/mihomo/blob/0404e35be8736b695eae018a08debb175c1f96e6/docs/config.yaml#L717
         const proxy = {
             type: 'wireguard',
             name,
@@ -768,7 +1163,7 @@ function Loon_WireGuard() {
                     ipv6,
                     'public-key': publicKey,
                     'pre-shared-key': preSharedKey,
-                    allowed_ips: allowedIps,
+                    'allowed-ips': allowedIps,
                     reserved,
                 },
             ],
@@ -783,6 +1178,14 @@ function Loon_WireGuard() {
     return { name, test, parse };
 }
 
+function Surge_SSH() {
+    const name = 'Surge SSH Parser';
+    const test = (line) => {
+        return /^.*=\s*ssh/.test(line.split(',')[0]);
+    };
+    const parse = (line) => getSurgeParser().parse(line);
+    return { name, test, parse };
+}
 function Surge_SS() {
     const name = 'Surge SS Parser';
     const test = (line) => {
@@ -831,6 +1234,79 @@ function Surge_Socks5() {
     return { name, test, parse };
 }
 
+function Surge_External() {
+    const name = 'Surge External Parser';
+    const test = (line) => {
+        return /^.*=\s*external/.test(line.split(',')[0]);
+    };
+    const parse = (line) => {
+        let parsed = /^\s*(.*?)\s*?=\s*?external\s*?,\s*(.*?)\s*$/.exec(line);
+
+        // eslint-disable-next-line no-unused-vars
+        let [_, name, other] = parsed;
+        line = other;
+
+        // exec = "/usr/bin/ssh" 或 exec = /usr/bin/ssh
+        let exec = /(,|^)\s*?exec\s*?=\s*"(.*?)"\s*?(,|$)/.exec(line)?.[2];
+        if (!exec) {
+            exec = /(,|^)\s*?exec\s*?=\s*(.*?)\s*?(,|$)/.exec(line)?.[2];
+        }
+
+        // local-port = "1080" 或 local-port = 1080
+        let localPort = /(,|^)\s*?local-port\s*?=\s*"(.*?)"\s*?(,|$)/.exec(
+            line,
+        )?.[2];
+        if (!localPort) {
+            localPort = /(,|^)\s*?local-port\s*?=\s*(.*?)\s*?(,|$)/.exec(
+                line,
+            )?.[2];
+        }
+        // args = "-m", args = "rc4-md5"
+        // args = -m, args = rc4-md5
+        const argsRegex = /(,|^)\s*?args\s*?=\s*("(.*?)"|(.*?))(?=\s*?(,|$))/g;
+        let argsMatch;
+        const args = [];
+        while ((argsMatch = argsRegex.exec(line)) !== null) {
+            if (argsMatch[3] != null) {
+                args.push(argsMatch[3]);
+            } else if (argsMatch[4] != null) {
+                args.push(argsMatch[4]);
+            }
+        }
+        // addresses = "[ipv6]",,addresses = "ipv6", addresses = "ipv4"
+        // addresses = [ipv6], addresses = ipv6, addresses = ipv4
+        const addressesRegex =
+            /(,|^)\s*?addresses\s*?=\s*("(.*?)"|(.*?))(?=\s*?(,|$))/g;
+        let addressesMatch;
+        const addresses = [];
+        while ((addressesMatch = addressesRegex.exec(line)) !== null) {
+            let ip;
+            if (addressesMatch[3] != null) {
+                ip = addressesMatch[3];
+            } else if (addressesMatch[4] != null) {
+                ip = addressesMatch[4];
+            }
+            if (ip != null) {
+                ip = `${ip}`.trim().replace(/^\[/, '').replace(/\]$/, '');
+            }
+            if (isIP(ip)) {
+                addresses.push(ip);
+            }
+        }
+
+        const proxy = {
+            type: 'external',
+            name,
+            exec,
+            'local-port': localPort,
+            args,
+            addresses,
+        };
+        return proxy;
+    };
+    return { name, test, parse };
+}
+
 function Surge_Snell() {
     const name = 'Surge Snell Parser';
     const test = (line) => {
@@ -845,7 +1321,12 @@ function Surge_Tuic() {
     const test = (line) => {
         return /^.*=\s*tuic(-v5)?/.test(line.split(',')[0]);
     };
-    const parse = (line) => getSurgeParser().parse(line);
+    const parse = (raw) => {
+        const { port_hopping, line } = surge_port_hopping(raw);
+        const proxy = getSurgeParser().parse(line);
+        proxy['ports'] = port_hopping;
+        return proxy;
+    };
     return { name, test, parse };
 }
 function Surge_WireGuard() {
@@ -862,18 +1343,31 @@ function Surge_Hysteria2() {
     const test = (line) => {
         return /^.*=\s*hysteria2/.test(line.split(',')[0]);
     };
-    const parse = (line) => getSurgeParser().parse(line);
+    const parse = (raw) => {
+        const { port_hopping, line } = surge_port_hopping(raw);
+        const proxy = getSurgeParser().parse(line);
+        proxy['ports'] = port_hopping;
+        return proxy;
+    };
     return { name, test, parse };
 }
 
+function isIP(ip) {
+    return isIPv4(ip) || isIPv6(ip);
+}
+
 export default [
     URI_SS(),
     URI_SSR(),
     URI_VMess(),
     URI_VLESS(),
+    URI_TUIC(),
+    URI_WireGuard(),
+    URI_Hysteria(),
     URI_Hysteria2(),
     URI_Trojan(),
     Clash_All(),
+    Surge_SSH(),
     Surge_SS(),
     Surge_VMess(),
     Surge_Trojan(),
@@ -883,6 +1377,7 @@ export default [
     Surge_WireGuard(),
     Surge_Hysteria2(),
     Surge_Socks5(),
+    Surge_External(),
     Loon_SS(),
     Loon_SSR(),
     Loon_VMess(),
@@ -890,10 +1385,12 @@ export default [
     Loon_Hysteria2(),
     Loon_Trojan(),
     Loon_Http(),
+    Loon_Socks5(),
     Loon_WireGuard(),
     QX_SS(),
     QX_SSR(),
     QX_VMess(),
+    QX_VLESS(),
     QX_Trojan(),
     QX_Http(),
     QX_Socks5(),

backend/src/core/proxy-utils/parsers/peggy/loon.js

@@ -35,7 +35,7 @@ const grammars = String.raw`
     }
 }
 
-start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/hysteria2) {
+start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/socks5/hysteria2) {
     return proxy;
 }
 
@@ -54,30 +54,33 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
         $set(proxy, "plugin-opts.path", obfs.path);
     }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/others)* {
     proxy.type = "vmess";
     proxy.cipher = proxy.cipher || "none";
     proxy.alterId = proxy.alterId || 0;
     handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "vless";
     handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "trojan";
     handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/udp_relay/download_bandwidth/ecn/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/others)* {
     proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/fast_open/udp_relay/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "http";
     proxy.tls = true;
 }
 http = tag equals "http"i address (username password)? (fast_open/udp_relay/others)* {
     proxy.type = "http";
 }
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
+    proxy.type = "socks5";
+}
 
 address = comma server:server comma port:port {
     proxy.server = server;
@@ -117,7 +120,7 @@ port = digits:[0-9]+ {
 method = comma cipher:cipher { 
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"auto");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305");
 
 username = & {
     let j = peg$currPos; 
@@ -167,14 +170,17 @@ ssr_protocol_param = comma "protocol-param" equals param:$[^=,]+ { proxy["protoc
 vmess_alterId = comma "alterId" equals alterId:$[0-9]+ { proxy.alterId = parseInt(alterId); } 
 
 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
-tls_host = comma "tls-name" equals host:domain { proxy.sni = host; }
+tls_host = comma sni:("tls-name"/"sni") equals host:domain { proxy.sni = host; }
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
+tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
 
 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
+salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }
 
 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _

backend/src/core/proxy-utils/parsers/peggy/loon.peg

@@ -33,7 +33,7 @@
     }
 }
 
-start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/hysteria2) {
+start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/socks5/hysteria2) {
     return proxy;
 }
 
@@ -52,30 +52,33 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
         $set(proxy, "plugin-opts.path", obfs.path);
     }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/others)* {
     proxy.type = "vmess";
     proxy.cipher = proxy.cipher || "none";
     proxy.alterId = proxy.alterId || 0;
     handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "vless";
     handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "trojan";
     handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/udp_relay/download_bandwidth/ecn/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/others)* {
     proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/fast_open/udp_relay/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
     proxy.type = "http";
     proxy.tls = true;
 }
 http = tag equals "http"i address (username password)? (fast_open/udp_relay/others)* {
     proxy.type = "http";
 }
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
+    proxy.type = "socks5";
+}
 
 address = comma server:server comma port:port {
     proxy.server = server;
@@ -115,7 +118,7 @@ port = digits:[0-9]+ {
 method = comma cipher:cipher { 
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"auto");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305");
 
 username = & {
     let j = peg$currPos; 
@@ -165,14 +168,17 @@ ssr_protocol_param = comma "protocol-param" equals param:$[^=,]+ { proxy["protoc
 vmess_alterId = comma "alterId" equals alterId:$[0-9]+ { proxy.alterId = parseInt(alterId); } 
 
 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
-tls_host = comma "tls-name" equals host:domain { proxy.sni = host; }
+tls_host = comma sni:("tls-name"/"sni") equals host:domain { proxy.sni = host; }
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
+tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
 
 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
+salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }
 
 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _

backend/src/core/proxy-utils/parsers/peggy/qx.js

@@ -38,7 +38,7 @@ const grammars = String.raw`
     }
 }
 
-start = (trojan/shadowsocks/vmess/http/socks5) {
+start = (trojan/shadowsocks/vmess/vless/http/socks5) {
     return proxy
 }
 
@@ -50,8 +50,11 @@ trojan = "trojan" equals address
 
 shadowsocks = "shadowsocks" equals address
     (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
-    if (proxy.protocol) {
+    if (proxy.protocol || proxy.type === "ssr") {
         proxy.type = "ssr";
+        if (!proxy.protocol) {
+            proxy.protocol = "origin";
+        }
         // handle ssr obfs
         if (obfs.host) proxy["obfs-param"] = obfs.host;
         if (obfs.type) proxy.obfs = obfs.type;
@@ -91,6 +94,13 @@ vmess = "vmess" equals address
     handleObfs();
 }
 
+vless = "vless" equals address
+    (uuid/method/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/server_check_url/others)* {
+    proxy.type = "vless";
+    proxy.cipher = proxy.cipher || "none";
+    handleObfs();
+}
+
 http = "http" equals address 
     (username/password/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/fast_open/udp_relay/udp_over_tcp/server_check_url/others)*{
     proxy.type = "http";
@@ -142,7 +152,7 @@ uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim();
 method = comma "method" equals cipher:cipher { 
     proxy.cipher = cipher;
 };
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }
 
 udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
@@ -165,7 +175,7 @@ tls_no_session_reuse = comma "tls-no-session-reuse" equals flag:bool {
 }
 
 obfs_ss = comma "obfs" equals type:("http"/"tls"/"wss"/"ws"/"over-tls") { obfs.type = type; return type; }
-obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { obfs.type = type; return type; }
+obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { proxy.type = "ssr"; obfs.type = type; return type; }
 obfs = comma "obfs" equals type:("wss"/"ws"/"over-tls"/"http") { obfs.type = type; return type; };
 
 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; }

backend/src/core/proxy-utils/parsers/peggy/qx.peg

@@ -36,7 +36,7 @@
     }
 }
 
-start = (trojan/shadowsocks/vmess/http/socks5) {
+start = (trojan/shadowsocks/vmess/vless/http/socks5) {
     return proxy
 }
 
@@ -48,8 +48,11 @@ trojan = "trojan" equals address
 
 shadowsocks = "shadowsocks" equals address
     (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
-    if (proxy.protocol) {
+    if (proxy.protocol || proxy.type === "ssr") {
         proxy.type = "ssr";
+        if (!proxy.protocol) {
+            proxy.protocol = "origin";
+        }
         // handle ssr obfs
         if (obfs.host) proxy["obfs-param"] = obfs.host;
         if (obfs.type) proxy.obfs = obfs.type;
@@ -89,6 +92,13 @@ vmess = "vmess" equals address
     handleObfs();
 }
 
+vless = "vless" equals address
+    (uuid/method/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/server_check_url/others)* {
+    proxy.type = "vless";
+    proxy.cipher = proxy.cipher || "none";
+    handleObfs();
+}
+
 http = "http" equals address 
     (username/password/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/fast_open/udp_relay/udp_over_tcp/server_check_url/others)*{
     proxy.type = "http";
@@ -140,7 +150,7 @@ uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim();
 method = comma "method" equals cipher:cipher { 
     proxy.cipher = cipher;
 };
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }
 
 udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
@@ -163,7 +173,7 @@ tls_no_session_reuse = comma "tls-no-session-reuse" equals flag:bool {
 }
 
 obfs_ss = comma "obfs" equals type:("http"/"tls"/"wss"/"ws"/"over-tls") { obfs.type = type; return type; }
-obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { obfs.type = type; return type; }
+obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { proxy.type = "ssr"; obfs.type = type; return type; }
 obfs = comma "obfs" equals type:("wss"/"ws"/"over-tls"/"http") { obfs.type = type; return type; };
 
 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; }

backend/src/core/proxy-utils/parsers/peggy/surge.js

@@ -30,13 +30,18 @@ const grammars = String.raw`
             }
         }
     }
+    function handleShadowTLS() {
+        if (proxy['shadow-tls-password'] && !proxy['shadow-tls-version']) {
+            proxy['shadow-tls-version'] = 2;
+        }
+    }
 }
 
-start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2) {
+start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh) {
     return proxy;
 }
 
-shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/ip_version/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/udp_port/others)* {
     proxy.type = "ss";
     // handle obfs
     if (obfs.type == "http" || obfs.type === "tls") {
@@ -45,8 +50,9 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
         $set(proxy, "plugin-opts.host", obfs.host);
         $set(proxy, "plugin-opts.path", obfs.path);
     }
+    handleShadowTLS();
 }
-vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "vmess";
     proxy.cipher = proxy.cipher || "none";
     if (proxy.aead) {
@@ -55,19 +61,27 @@ vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/
         proxy.alterId = proxy.alterId || 0;
     }
     handleWebsocket();
+    handleShadowTLS();
 }
-trojan = tag equals "trojan" address (passwordk/ws/ws_path/ws_headers/tls/sni/tls_fingerprint/tls_verification/ip_version/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+trojan = tag equals "trojan" address (passwordk/ws/ws_path/ws_headers/tls/sni/tls_fingerprint/tls_verification/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "trojan";
     handleWebsocket();
+    handleShadowTLS();
 }
-https = tag equals "https" address (username password)? (usernamek passwordk)? (sni/tls_fingerprint/tls_verification/ip_version/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+https = tag equals "https" address (username password)? (usernamek passwordk)? (sni/tls_fingerprint/tls_verification/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "http";
     proxy.tls = true;
+    handleShadowTLS();
 }
-http = tag equals "http" address (username password)? (usernamek passwordk)? (ip_version/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+http = tag equals "http" address (username password)? (usernamek passwordk)? (ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "http";
+    handleShadowTLS();
 }
-snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_uri/ip_version/no_error_alert/fast_open/udp_relay/reuse/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+    proxy.type = "ssh";
+    handleShadowTLS();
+}
+snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_uri/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/reuse/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "snell";
     // handle obfs
     if (obfs.type == "http" || obfs.type === "tls") {
@@ -75,26 +89,33 @@ snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_
         $set(proxy, "obfs-opts.host", obfs.host);
         $set(proxy, "obfs-opts.path", obfs.path);
     }
+    handleShadowTLS();
 }
-tuic = tag equals "tuic" address (alpn/token/ip_version/no_error_alert/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+tuic = tag equals "tuic" address (alpn/token/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls_fingerprint/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "tuic";
+    handleShadowTLS();
 }
-tuic_v5 = tag equals "tuic-v5" address (alpn/passwordk/uuidk/ip_version/no_error_alert/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+tuic_v5 = tag equals "tuic-v5" address (alpn/passwordk/uuidk/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls_fingerprint/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "tuic";
     proxy.version = 5;
+    handleShadowTLS();
 }
-wireguard = tag equals "wireguard" (section_name/no_error_alert/ip_version/underlying_proxy/test_url/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+wireguard = tag equals "wireguard" (section_name/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "wireguard-surge";
+    handleShadowTLS();
 }
-hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/test_url/sni/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "hysteria2";
+    handleShadowTLS();
 }
-socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
+    handleShadowTLS();
 }
-socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     proxy.tls = true;
+    handleShadowTLS();
 }
 
 address = comma server:server comma port:port {
@@ -130,6 +151,8 @@ port = digits:[0-9]+ {
     }
 }
 
+port_hopping_interval = comma "port-hopping-interval" equals match:$[0-9]+ { proxy["hop-interval"] = parseInt(match.trim()); }
+
 username = & {
     let j = peg$currPos; 
     let start, end;
@@ -156,7 +179,13 @@ username = & {
 password = comma match:[^,]+ { proxy.password = match.join(""); }
 
 tls = comma "tls" equals flag:bool { proxy.tls = flag; }
-sni = comma "sni" equals sni:domain { proxy.sni = sni; }
+sni = comma "sni" equals sni:("off"/domain) { 
+    if (sni === "off") {
+        proxy["disable-sni"] = true;
+    } else {
+        proxy.sni = sni;
+    }
+}
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
 tls_fingerprint = comma "server-cert-fingerprint-sha256" equals tls_fingerprint:$[^,]+ { proxy["tls-fingerprint"] = tls_fingerprint.trim(); }
 
@@ -171,7 +200,7 @@ vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }
 method = comma "encrypt-method" equals cipher:cipher {
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"idea-cfb"/"none"/"rc2-cfb"/"rc4-md5"/"rc4"/"salsa20"/"seed-cfb"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 
 ws = comma "ws" equals flag:bool { obfs.type = "ws"; }
 ws_headers = comma "ws-headers" equals headers:$[^,]+ {
@@ -190,7 +219,7 @@ obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; };
 obfs_uri = comma "obfs-uri" equals path:uri { obfs.path = path }
 uri = $[^,]+
 
-udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
+udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 reuse = comma "reuse" equals flag:bool { proxy.reuse = flag; }
 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
@@ -201,7 +230,17 @@ no_error_alert = comma "no-error-alert" equals match:[^,]+ { proxy["no-error-ale
 underlying_proxy = comma "underlying-proxy" equals match:[^,]+ { proxy["underlying-proxy"] = match.join(""); }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
 test_url = comma "test-url" equals match:[^,]+ { proxy["test-url"] = match.join(""); }
+test_udp = comma "test-udp" equals match:[^,]+ { proxy["test-udp"] = match.join(""); }
+test_timeout = comma "test-timeout" equals match:$[0-9]+ { proxy["test-timeout"] = parseInt(match.trim()); }
+tos = comma "tos" equals match:$[0-9]+ { proxy.tos = parseInt(match.trim()); }
+interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join(""); }
+allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; }
+hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; }
+idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); }
+private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); }
+udp_port = comma "udp-port" equals match:$[0-9]+ { proxy["udp-port"] = parseInt(match.trim()); }
 shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); }
 shadow_tls_sni = comma "shadow-tls-sni" equals match:[^,]+ { proxy["shadow-tls-sni"] = match.join(""); }
 shadow_tls_password = comma "shadow-tls-password" equals match:[^,]+ { proxy["shadow-tls-password"] = match.join(""); }

backend/src/core/proxy-utils/parsers/peggy/surge.peg

@@ -28,13 +28,18 @@
             }
         }
     }
+    function handleShadowTLS() {
+        if (proxy['shadow-tls-password'] && !proxy['shadow-tls-version']) {
+            proxy['shadow-tls-version'] = 2;
+        }
+    }
 }
 
-start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2) {
+start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh) {
     return proxy;
 }
 
-shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/ip_version/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/udp_port/others)* {
     proxy.type = "ss";
     // handle obfs
     if (obfs.type == "http" || obfs.type === "tls") {
@@ -43,8 +48,9 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
         $set(proxy, "plugin-opts.host", obfs.host);
         $set(proxy, "plugin-opts.path", obfs.path);
     }
+    handleShadowTLS();
 }
-vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "vmess";
     proxy.cipher = proxy.cipher || "none";
     if (proxy.aead) {
@@ -53,19 +59,27 @@ vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/
         proxy.alterId = proxy.alterId || 0;
     }
     handleWebsocket();
+    handleShadowTLS();
 }
-trojan = tag equals "trojan" address (passwordk/ws/ws_path/ws_headers/tls/sni/tls_fingerprint/tls_verification/ip_version/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+trojan = tag equals "trojan" address (passwordk/ws/ws_path/ws_headers/tls/sni/tls_fingerprint/tls_verification/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "trojan";
     handleWebsocket();
+    handleShadowTLS();
 }
-https = tag equals "https" address (username password)? (usernamek passwordk)? (sni/tls_fingerprint/tls_verification/ip_version/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+https = tag equals "https" address (username password)? (usernamek passwordk)? (sni/tls_fingerprint/tls_verification/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "http";
     proxy.tls = true;
+    handleShadowTLS();
 }
-http = tag equals "http" address (username password)? (usernamek passwordk)? (ip_version/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+http = tag equals "http" address (username password)? (usernamek passwordk)? (ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "http";
+    handleShadowTLS();
 }
-snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_uri/ip_version/no_error_alert/fast_open/udp_relay/reuse/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+    proxy.type = "ssh";
+    handleShadowTLS();
+}
+snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_uri/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/udp_relay/reuse/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "snell";
     // handle obfs
     if (obfs.type == "http" || obfs.type === "tls") {
@@ -73,26 +87,33 @@ snell = tag equals "snell" address (snell_version/snell_psk/obfs/obfs_host/obfs_
         $set(proxy, "obfs-opts.host", obfs.host);
         $set(proxy, "obfs-opts.path", obfs.path);
     }
+    handleShadowTLS();
 }
-tuic = tag equals "tuic" address (alpn/token/ip_version/no_error_alert/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+tuic = tag equals "tuic" address (alpn/token/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls_fingerprint/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "tuic";
+    handleShadowTLS();
 }
-tuic_v5 = tag equals "tuic-v5" address (alpn/passwordk/uuidk/ip_version/no_error_alert/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+tuic_v5 = tag equals "tuic-v5" address (alpn/passwordk/uuidk/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls_fingerprint/tls_verification/sni/fast_open/tfo/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "tuic";
     proxy.version = 5;
+    handleShadowTLS();
 }
-wireguard = tag equals "wireguard" (section_name/no_error_alert/ip_version/underlying_proxy/test_url/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+wireguard = tag equals "wireguard" (section_name/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "wireguard-surge";
+    handleShadowTLS();
 }
-hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/test_url/sni/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "hysteria2";
+    handleShadowTLS();
 }
-socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
+    handleShadowTLS();
 }
-socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     proxy.tls = true;
+    handleShadowTLS();
 }
 
 address = comma server:server comma port:port {
@@ -128,6 +149,8 @@ port = digits:[0-9]+ {
     }
 }
 
+port_hopping_interval = comma "port-hopping-interval" equals match:$[0-9]+ { proxy["hop-interval"] = parseInt(match.trim()); }
+
 username = & {
     let j = peg$currPos; 
     let start, end;
@@ -154,7 +177,13 @@ username = & {
 password = comma match:[^,]+ { proxy.password = match.join(""); }
 
 tls = comma "tls" equals flag:bool { proxy.tls = flag; }
-sni = comma "sni" equals sni:domain { proxy.sni = sni; }
+sni = comma "sni" equals sni:("off"/domain) { 
+    if (sni === "off") {
+        proxy["disable-sni"] = true;
+    } else {
+        proxy.sni = sni;
+    }
+}
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
 tls_fingerprint = comma "server-cert-fingerprint-sha256" equals tls_fingerprint:$[^,]+ { proxy["tls-fingerprint"] = tls_fingerprint.trim(); }
 
@@ -169,7 +198,7 @@ vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }
 method = comma "encrypt-method" equals cipher:cipher {
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"xchacha20-ietf-poly1305"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"idea-cfb"/"none"/"rc2-cfb"/"rc4-md5"/"rc4"/"salsa20"/"seed-cfb"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 
 ws = comma "ws" equals flag:bool { obfs.type = "ws"; }
 ws_headers = comma "ws-headers" equals headers:$[^,]+ {
@@ -188,7 +217,7 @@ obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; };
 obfs_uri = comma "obfs-uri" equals path:uri { obfs.path = path }
 uri = $[^,]+
 
-udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
+udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 reuse = comma "reuse" equals flag:bool { proxy.reuse = flag; }
 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
@@ -199,7 +228,17 @@ no_error_alert = comma "no-error-alert" equals match:[^,]+ { proxy["no-error-ale
 underlying_proxy = comma "underlying-proxy" equals match:[^,]+ { proxy["underlying-proxy"] = match.join(""); }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
 test_url = comma "test-url" equals match:[^,]+ { proxy["test-url"] = match.join(""); }
+test_udp = comma "test-udp" equals match:[^,]+ { proxy["test-udp"] = match.join(""); }
+test_timeout = comma "test-timeout" equals match:$[0-9]+ { proxy["test-timeout"] = parseInt(match.trim()); }
+tos = comma "tos" equals match:$[0-9]+ { proxy.tos = parseInt(match.trim()); }
+interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join(""); }
+allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; }
+hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; }
+idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); }
+private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); }
+udp_port = comma "udp-port" equals match:$[0-9]+ { proxy["udp-port"] = parseInt(match.trim()); }
 shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); }
 shadow_tls_sni = comma "shadow-tls-sni" equals match:[^,]+ { proxy["shadow-tls-sni"] = match.join(""); }
 shadow_tls_password = comma "shadow-tls-password" equals match:[^,]+ { proxy["shadow-tls-password"] = match.join(""); }

backend/src/core/proxy-utils/parsers/peggy/trojan-uri.js

@@ -30,7 +30,7 @@ start = (trojan) {
   return proxy
 }
 
-trojan = "trojan://" password:password "@" server:server ":" port:port params? name:name?{
+trojan = "trojan://" password:password "@" server:server ":" port:port "/"? params? name:name?{
   proxy.type = "trojan";
   proxy.password = password;
   proxy.server = server;
@@ -79,7 +79,7 @@ port = digits:[0-9]+ {
   }
 }
 
-params = "/"? "?" head:param tail:("&"@param)* {
+params = "?" head:param tail:("&"@param)* {
   proxy["skip-cert-verify"] = toBool(params["allowInsecure"]);
   proxy.sni = params["sni"] || params["peer"];
 
@@ -89,12 +89,28 @@ params = "/"? "?" head:param tail:("&"@param)* {
   }
   
   if (params["type"]) {
+    let httpupgrade
     proxy.network = params["type"]
-    if (params["path"]) {
-      $set(proxy, proxy.network+"-opts.path", decodeURIComponent(params["path"]));  
+    if(proxy.network === 'httpupgrade') {
+      proxy.network = 'ws'
+      httpupgrade = true
     }
-    if (params["host"]) {
-      $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
+    if (['grpc'].includes(proxy.network)) {
+        proxy[proxy.network + '-opts'] = {
+            'grpc-service-name': params["serviceName"],
+            '_grpc-type': params["mode"],
+        };
+    } else {
+      if (params["path"]) {
+        $set(proxy, proxy.network+"-opts.path", decodeURIComponent(params["path"]));  
+      }
+      if (params["host"]) {
+        $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
+      }
+      if (httpupgrade) {
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade", true); 
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade-fast-open", true); 
+      }
     }
   }
 

backend/src/core/proxy-utils/parsers/peggy/trojan-uri.peg

@@ -28,7 +28,7 @@ start = (trojan) {
   return proxy
 }
 
-trojan = "trojan://" password:password "@" server:server ":" port:port params? name:name?{
+trojan = "trojan://" password:password "@" server:server ":" port:port "/"? params? name:name?{
   proxy.type = "trojan";
   proxy.password = password;
   proxy.server = server;
@@ -77,7 +77,7 @@ port = digits:[0-9]+ {
   }
 }
 
-params = "/"? "?" head:param tail:("&"@param)* {
+params = "?" head:param tail:("&"@param)* {
   proxy["skip-cert-verify"] = toBool(params["allowInsecure"]);
   proxy.sni = params["sni"] || params["peer"];
 
@@ -87,12 +87,28 @@ params = "/"? "?" head:param tail:("&"@param)* {
   }
   
   if (params["type"]) {
+    let httpupgrade
     proxy.network = params["type"]
-    if (params["path"]) {
-      $set(proxy, proxy.network+"-opts.path", decodeURIComponent(params["path"]));  
+    if(proxy.network === 'httpupgrade') {
+      proxy.network = 'ws'
+      httpupgrade = true
     }
-    if (params["host"]) {
-      $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
+    if (['grpc'].includes(proxy.network)) {
+        proxy[proxy.network + '-opts'] = {
+            'grpc-service-name': params["serviceName"],
+            '_grpc-type': params["mode"],
+        };
+    } else {
+      if (params["path"]) {
+        $set(proxy, proxy.network+"-opts.path", decodeURIComponent(params["path"]));  
+      }
+      if (params["host"]) {
+        $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
+      }
+      if (httpupgrade) {
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade", true); 
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade-fast-open", true); 
+      }
     }
   }
 

backend/src/core/proxy-utils/preprocessors/index.js

@@ -1,4 +1,4 @@
-import { safeLoad } from 'static-js-yaml';
+import { safeLoad } from '@/utils/yaml';
 import { Base64 } from 'js-base64';
 
 function HTML() {
@@ -22,6 +22,10 @@ function Base64Encoded() {
         'aHR0c', // htt
         'dmxlc3M=', // vless
         'aHlzdGVyaWEy', // hysteria2
+        'aHkyOi8v', // hy2://
+        'd2lyZWd1YXJkOi8v', // wireguard://
+        'd2c6Ly8=', // wg://
+        'dHVpYzovLw==', // tuic://
     ];
 
     const test = function (raw) {
@@ -46,8 +50,41 @@ function Clash() {
     };
     const parse = function (raw) {
         // Clash YAML format
-        const proxies = safeLoad(raw).proxies;
-        return proxies.map((p) => JSON.stringify(p)).join('\n');
+
+        // 防止 VLESS节点 reality-opts 选项中的 short-id 被解析成 Infinity
+        // 匹配 short-id 冒号后面的值(包含空格和引号)
+        const afterReplace = raw.replace(
+            /short-id:([ ]*[^,\n}]*)/g,
+            (matched, value) => {
+            const afterTrim = value.trim();
+        
+            // 为空
+            if (!afterTrim || afterTrim === '') {
+                return 'short-id: ""'
+            }
+        
+            // 是否被引号包裹
+            if (/^(['"]).*\1$/.test(afterTrim)) {
+                return `short-id: ${afterTrim}`;
+            } else {
+                return `short-id: "${afterTrim}"`
+            }
+            }
+        );
+
+        const {
+            proxies,
+            'global-client-fingerprint': globalClientFingerprint,
+        } = safeLoad(afterReplace);
+        return proxies
+            .map((p) => {
+                // https://github.com/MetaCubeX/mihomo/blob/Alpha/docs/config.yaml#L73C1-L73C26
+                if (globalClientFingerprint && !p['client-fingerprint']) {
+                    p['client-fingerprint'] = globalClientFingerprint;
+                }
+                return JSON.stringify(p);
+            })
+            .join('\n');
     };
     return { name, test, parse };
 }

backend/src/core/proxy-utils/processors/index.js

@@ -1,14 +1,25 @@
 import resourceCache from '@/utils/resource-cache';
 import scriptResourceCache from '@/utils/script-resource-cache';
-import { isIPv4, isIPv6 } from '@/utils';
+import { isIPv4, isIPv6, ipAddress } from '@/utils';
 import { FULL } from '@/utils/logical';
-import { getFlag } from '@/utils/geo';
+import { getFlag, removeFlag } from '@/utils/geo';
+import { doh } from '@/utils/dns';
 import lodash from 'lodash';
 import $ from '@/core/app';
 import { hex_md5 } from '@/vendor/md5';
 import { ProxyUtils } from '@/core/proxy-utils';
+import { produceArtifact } from '@/restful/sync';
+import { SETTINGS_KEY } from '@/constants';
+
 import env from '@/utils/env';
-import { getFlowHeaders, parseFlowHeaders, flowTransfer } from '@/utils/flow';
+import {
+    getFlowField,
+    getFlowHeaders,
+    parseFlowHeaders,
+    validCheck,
+    flowTransfer,
+    getRmainingDays,
+} from '@/utils/flow';
 
 /**
  The rule "(name CONTAINS "🇨🇳") AND (port IN [80, 443])" can be expressed as follows:
@@ -79,12 +90,15 @@ function QuickSettingOperator(args) {
             if (get(args.useless)) {
                 const filter = UselessFilter();
                 const selected = filter.func(proxies);
-                proxies.filter((_, i) => selected[i]);
+                proxies = proxies.filter(
+                    (p, i) => selected[i] && p.port > 0 && p.port <= 65535,
+                );
             }
 
             return proxies.map((proxy) => {
                 proxy.udp = get(args.udp, proxy.udp);
                 proxy.tfo = get(args.tfo, proxy.tfo);
+                proxy['fast-open'] = get(args.tfo, proxy['fast-open']);
                 proxy['skip-cert-verify'] = get(
                     args.scert,
                     proxy['skip-cert-verify'],
@@ -110,7 +124,7 @@ function QuickSettingOperator(args) {
 }
 
 // add or remove flag for proxies
-function FlagOperator({ mode }) {
+function FlagOperator({ mode, tw }) {
     return {
         name: 'Flag Operator',
         func: (proxies) => {
@@ -124,7 +138,13 @@ function FlagOperator({ mode }) {
                     // remove old flag
                     proxy.name = removeFlag(proxy.name);
                     proxy.name = newFlag + ' ' + proxy.name;
-                    proxy.name = proxy.name.replace(/🇹🇼/g, '🇨🇳');
+                    if (tw == 'ws') {
+                        proxy.name = proxy.name.replace(/🇹🇼/g, '🇼🇸');
+                    } else if (tw == 'tw') {
+                        // 不变
+                    } else {
+                        proxy.name = proxy.name.replace(/🇹🇼/g, '🇨🇳');
+                    }
                 }
                 return proxy;
             });
@@ -296,7 +316,7 @@ function RegexDeleteOperator(regex) {
  1. This function name should be `operator`!
  2. Always declare variables before using them!
  */
-function ScriptOperator(script, targetPlatform, $arguments, source) {
+function ScriptOperator(script, targetPlatform, $arguments, source, $options) {
     return {
         name: 'Script Operator',
         func: async (proxies) => {
@@ -306,6 +326,7 @@ function ScriptOperator(script, targetPlatform, $arguments, source) {
                     'operator',
                     script,
                     $arguments,
+                    $options,
                 );
                 output = operator(proxies, targetPlatform, { source, ...env });
             })();
@@ -316,13 +337,23 @@ function ScriptOperator(script, targetPlatform, $arguments, source) {
             await (async function () {
                 const operator = createDynamicFunction(
                     'operator',
-                    `async function operator(proxies = []) {
-                        return proxies.map(($server = {}) => {
-                          ${script}
-                          return $server
-                        })
+                    `async function operator(input = []) {
+                        if (input && (input.$files || input.$content)) {
+                            let { $content, $files, $options } = input
+                            ${script}
+                            return { $content, $files, $options }
+                        } else {
+                            let proxies = input
+                            let list = []
+                            for await (let $server of proxies) {
+                                ${script}
+                                list.push($server)
+                            }
+                            return list
+                        }
                       }`,
                     $arguments,
+                    $options,
                 );
                 output = operator(proxies, targetPlatform, { source, ...env });
             })();
@@ -331,128 +362,231 @@ function ScriptOperator(script, targetPlatform, $arguments, source) {
     };
 }
 
-const DOMAIN_RESOLVERS = {
-    Google: async function (domain) {
-        const id = hex_md5(`GOOGLE:${domain}`);
-        const cached = resourceCache.get(id);
-        if (cached) return cached;
-        const resp = await $.http.get({
-            url: `https://8.8.4.4/resolve?name=${encodeURIComponent(
-                domain,
-            )}&type=A`,
-            headers: {
-                accept: 'application/dns-json',
-            },
-        });
-        const body = JSON.parse(resp.body);
-        if (body['Status'] !== 0) {
-            throw new Error(`Status is ${body['Status']}`);
+function parseIP4P(IP4P) {
+    let server;
+    let port;
+    try {
+        let array = IP4P.split(':');
+
+        port = parseInt(array[2], 16);
+        let ipab = parseInt(array[3], 16);
+        let ipcd = parseInt(array[4], 16);
+        let ipa = ipab >> 8;
+        let ipb = ipab & 0xff;
+        let ipc = ipcd >> 8;
+        let ipd = ipcd & 0xff;
+        server = `${ipa}.${ipb}.${ipc}.${ipd}`;
+        if (port <= 0 || port > 65535) {
+            throw new Error(`Invalid port number: ${port}`);
         }
-        const answers = body['Answer'];
-        if (answers.length === 0) {
+        if (!isIPv4(server)) {
+            throw new Error(`Invalid IP address: ${server}`);
+        }
+    } catch (e) {
+        // throw new Error(`IP4P 解析失败: ${e}`);
+        $.error(`IP4P 解析失败: ${e}`);
+    }
+    return { server, port };
+}
+
+const DOMAIN_RESOLVERS = {
+    Custom: async function (domain, type, noCache, timeout, edns, url) {
+        const id = hex_md5(`CUSTOM:${url}:${domain}:${type}`);
+        const cached = resourceCache.get(id);
+        if (!noCache && cached) return cached;
+        const answerType = type === 'IPv6' ? 'AAAA' : 'A';
+        const res = await doh({
+            url,
+            domain,
+            type: answerType,
+            timeout,
+            edns,
+        });
+
+        const { answers } = res;
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers
+            .filter((i) => i?.type === answerType)
+            .map((i) => i?.data)
+            .filter((i) => i);
+        if (result.length === 0) {
             throw new Error('No answers');
         }
-        const result = answers[answers.length - 1].data;
         resourceCache.set(id, result);
         return result;
     },
-    'IP-API': async function (domain) {
+    Google: async function (domain, type, noCache, timeout, edns) {
+        const id = hex_md5(`GOOGLE:${domain}:${type}`);
+        const cached = resourceCache.get(id);
+        if (!noCache && cached) return cached;
+        const answerType = type === 'IPv6' ? 'AAAA' : 'A';
+        const res = await doh({
+            url: 'https://8.8.4.4/dns-query',
+            domain,
+            type: answerType,
+            timeout,
+            edns,
+        });
+
+        const { answers } = res;
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers
+            .filter((i) => i?.type === answerType)
+            .map((i) => i?.data)
+            .filter((i) => i);
+        if (result.length === 0) {
+            throw new Error('No answers');
+        }
+        resourceCache.set(id, result);
+        return result;
+    },
+    'IP-API': async function (domain, type, noCache, timeout) {
+        if (['IPv6'].includes(type)) {
+            throw new Error(`域名解析服务提供方 IP-API 不支持 ${type}`);
+        }
         const id = hex_md5(`IP-API:${domain}`);
         const cached = resourceCache.get(id);
-        if (cached) return cached;
+        if (!noCache && cached) return cached;
         const resp = await $.http.get({
             url: `http://ip-api.com/json/${encodeURIComponent(
                 domain,
             )}?lang=zh-CN`,
+            timeout,
         });
         const body = JSON.parse(resp.body);
         if (body['status'] !== 'success') {
             throw new Error(`Status is ${body['status']}`);
         }
-        const result = body.query;
-        resourceCache.set(id, result);
-        return result;
-    },
-    Cloudflare: async function (domain) {
-        const id = hex_md5(`CLOUDFLARE:${domain}`);
-        const cached = resourceCache.get(id);
-        if (cached) return cached;
-        const resp = await $.http.get({
-            url: `https://1.0.0.1/dns-query?name=${encodeURIComponent(
-                domain,
-            )}&type=A`,
-            headers: {
-                accept: 'application/dns-json',
-            },
-        });
-        const body = JSON.parse(resp.body);
-        if (body['Status'] !== 0) {
-            throw new Error(`Status is ${body['Status']}`);
-        }
-        const answers = body['Answer'];
-        if (answers.length === 0) {
+        if (!body.query || body.query === 0) {
+            throw new Error('No answers');
+        }
+        const result = [body.query];
+        if (result.length === 0) {
             throw new Error('No answers');
         }
-        const result = answers[answers.length - 1].data;
         resourceCache.set(id, result);
         return result;
     },
-    Ali: async function (domain) {
-        const id = hex_md5(`ALI:${domain}`);
+    Cloudflare: async function (domain, type, noCache, timeout, edns) {
+        const id = hex_md5(`CLOUDFLARE:${domain}:${type}`);
         const cached = resourceCache.get(id);
-        if (cached) return cached;
+        if (!noCache && cached) return cached;
+        const answerType = type === 'IPv6' ? 'AAAA' : 'A';
+        const res = await doh({
+            url: 'https://1.0.0.1/dns-query',
+            domain,
+            type: answerType,
+            timeout,
+            edns,
+        });
+
+        const { answers } = res;
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers
+            .filter((i) => i?.type === answerType)
+            .map((i) => i?.data)
+            .filter((i) => i);
+        if (result.length === 0) {
+            throw new Error('No answers');
+        }
+        resourceCache.set(id, result);
+        return result;
+    },
+    Ali: async function (domain, type, noCache, timeout, edns) {
+        const id = hex_md5(`ALI:${domain}:${type}`);
+        const cached = resourceCache.get(id);
+        if (!noCache && cached) return cached;
         const resp = await $.http.get({
-            url: `http://223.6.6.6/resolve?name=${encodeURIComponent(
+            url: `http://223.6.6.6/resolve?edns_client_subnet=${edns}/24&name=${encodeURIComponent(
                 domain,
-            )}&type=A&short=1`,
+            )}&type=${type === 'IPv6' ? 'AAAA' : 'A'}&short=1`,
             headers: {
                 accept: 'application/dns-json',
             },
+            timeout,
         });
         const answers = JSON.parse(resp.body);
-        if (answers.length === 0) {
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers;
+        if (result.length === 0) {
             throw new Error('No answers');
         }
-        const result = answers[answers.length - 1];
         resourceCache.set(id, result);
         return result;
     },
-    Tencent: async function (domain) {
-        const id = hex_md5(`ALI:${domain}`);
+    Tencent: async function (domain, type, noCache, timeout, edns) {
+        const id = hex_md5(`TENCENT:${domain}:${type}`);
         const cached = resourceCache.get(id);
-        if (cached) return cached;
+        if (!noCache && cached) return cached;
         const resp = await $.http.get({
-            url: `http://119.28.28.28/d?type=A&dn=${encodeURIComponent(
-                domain,
-            )}`,
+            url: `http://119.28.28.28/d?ip=${edns}&type=${
+                type === 'IPv6' ? 'AAAA' : 'A'
+            }&dn=${encodeURIComponent(domain)}`,
             headers: {
                 accept: 'application/dns-json',
             },
+            timeout,
         });
         const answers = resp.body.split(';').map((i) => i.split(',')[0]);
-        if (answers.length === 0) {
+        if (answers.length === 0 || String(answers) === '0') {
+            throw new Error('No answers');
+        }
+        const result = answers;
+        if (result.length === 0) {
             throw new Error('No answers');
         }
-        const result = answers[answers.length - 1];
         resourceCache.set(id, result);
         return result;
     },
 };
 
-function ResolveDomainOperator({ provider }) {
+function ResolveDomainOperator({
+    provider,
+    type: _type,
+    filter,
+    cache,
+    url,
+    timeout,
+    edns: _edns,
+}) {
+    if (['IPv6', 'IP4P'].includes(_type) && ['IP-API'].includes(provider)) {
+        throw new Error(`域名解析服务提供方 ${provider} 不支持 ${_type}`);
+    }
+    const { defaultTimeout } = $.read(SETTINGS_KEY);
+    const requestTimeout = timeout || defaultTimeout;
+    let type = ['IPv6', 'IP4P'].includes(_type) ? 'IPv6' : 'IPv4';
+
     const resolver = DOMAIN_RESOLVERS[provider];
     if (!resolver) {
-        throw new Error(`Cannot find resolver: ${provider}`);
+        throw new Error(`找不到域名解析服务提供方: ${provider}`);
     }
+    let edns = _edns || '223.6.6.6';
+    if (!isIP(edns)) throw new Error(`域名解析 EDNS 应为 IP`);
+    $.info(
+        `Domain Resolver: [${_type}] ${provider} ${edns || ''} ${url || ''}`,
+    );
     return {
         name: 'Resolve Domain Operator',
         func: async (proxies) => {
+            proxies.forEach((p, i) => {
+                if (!p['_no-resolve'] && p['no-resolve']) {
+                    proxies[i]['_no-resolve'] = p['no-resolve'];
+                }
+            });
             const results = {};
             const limit = 15; // more than 20 concurrency may result in surge TCP connection shortage.
             const totalDomain = [
                 ...new Set(
                     proxies
-                        .filter((p) => !isIP(p.server) && !p['no-resolve'])
+                        .filter((p) => !isIP(p.server) && !p['_no-resolve'])
                         .map((c) => c.server),
                 ),
             ];
@@ -461,7 +595,14 @@ function ResolveDomainOperator({ provider }) {
                 const currentBatch = [];
                 for (let domain of totalDomain.splice(0, limit)) {
                     currentBatch.push(
-                        resolver(domain)
+                        resolver(
+                            domain,
+                            type,
+                            cache === 'disabled',
+                            requestTimeout,
+                            edns,
+                            url,
+                        )
                             .then((ip) => {
                                 results[domain] = ip;
                                 $.info(
@@ -478,17 +619,76 @@ function ResolveDomainOperator({ provider }) {
                 await Promise.all(currentBatch);
             }
             proxies.forEach((p) => {
-                if (!p['no-resolve']) {
+                if (!p['_no-resolve']) {
                     if (results[p.server]) {
-                        p.server = results[p.server];
-                        p.resolved = true;
-                    } else {
+                        p._resolved_ips = results[p.server];
+                        let ip = Array.isArray(results[p.server])
+                            ? results[p.server][
+                                  Math.floor(
+                                      Math.random() * results[p.server].length,
+                                  )
+                              ]
+                            : results[p.server];
+                        if (type === 'IPv6' && isIPv6(ip)) {
+                            try {
+                                ip = new ipAddress.Address6(ip).correctForm();
+                            } catch (e) {
+                                $.error(
+                                    `Failed to parse IPv6 address: ${ip}: ${e}`,
+                                );
+                            }
+                            if (/^2001::[^:]+:[^:]+:[^:]+$/.test(ip)) {
+                                p._IP4P = ip;
+                                const { server, port } = parseIP4P(ip);
+                                if (server && port) {
+                                    p._domain = p.server;
+                                    p.server = server;
+                                    p.port = port;
+                                    p.resolved = true;
+                                    p._IPv4 = p.server;
+                                    if (!isIP(p._IP)) {
+                                        p._IP = p.server;
+                                    }
+                                } else if (!p.resolved) {
+                                    p.resolved = false;
+                                }
+                            } else {
+                                p._domain = p.server;
+                                p.server = ip;
+                                p.resolved = true;
+                                p[`_${type}`] = p.server;
+                                if (!isIP(p._IP)) {
+                                    p._IP = p.server;
+                                }
+                            }
+                        } else {
+                            p._domain = p.server;
+                            p.server = ip;
+                            p.resolved = true;
+                            p[`_${type}`] = p.server;
+                            if (!isIP(p._IP)) {
+                                p._IP = p.server;
+                            }
+                        }
+                    } else if (!p.resolved) {
                         p.resolved = false;
                     }
                 }
             });
 
-            return proxies;
+            return proxies.filter((p) => {
+                if (filter === 'removeFailed') {
+                    return isIP(p.server) || p['_no-resolve'] || p.resolved;
+                } else if (filter === 'IPOnly') {
+                    return isIP(p.server);
+                } else if (filter === 'IPv4Only') {
+                    return isIPv4(p.server);
+                } else if (filter === 'IPv6Only') {
+                    return isIPv6(p.server);
+                } else {
+                    return true;
+                }
+            });
         },
     };
 }
@@ -529,6 +729,8 @@ function RegionFilter(regions) {
         SG: '🇸🇬',
         JP: '🇯🇵',
         UK: '🇬🇧',
+        DE: '🇩🇪',
+        KR: '🇰🇷',
     };
     return {
         name: 'Region Filter',
@@ -590,7 +792,7 @@ function TypeFilter(types) {
  1. This function name should be `filter`!
  2. Always declare variables before using them!
  */
-function ScriptFilter(script, targetPlatform, $arguments, source) {
+function ScriptFilter(script, targetPlatform, $arguments, source, $options) {
     return {
         name: 'Script Filter',
         func: async (proxies) => {
@@ -600,6 +802,7 @@ function ScriptFilter(script, targetPlatform, $arguments, source) {
                     'filter',
                     script,
                     $arguments,
+                    $options,
                 );
                 output = filter(proxies, targetPlatform, { source, ...env });
             })();
@@ -610,12 +813,19 @@ function ScriptFilter(script, targetPlatform, $arguments, source) {
             await (async function () {
                 const filter = createDynamicFunction(
                     'filter',
-                    `async function filter(proxies = []) {
-                        return proxies.filter(($server = {}) => {
-                          ${script}
-                        })
+                    `async function filter(input = []) {
+                        let proxies = input
+                        let list = []
+                        const fn = async ($server) => {
+                            ${script}
+                        }
+                        for await (let $server of proxies) {
+                            list.push(await fn($server))
+                        }
+                        return list
                       }`,
                     $arguments,
+                    $options,
                 );
                 output = filter(proxies, targetPlatform, { source, ...env });
             })();
@@ -649,20 +859,21 @@ async function ApplyFilter(filter, objs) {
     try {
         selected = await filter.func(objs);
     } catch (err) {
-        // print log and skip this filter
-        $.error(`Cannot apply filter ${filter.name}\n Reason: ${err}`);
         let funcErr = '';
         let funcErrMsg = `${err.message ?? err}`;
         if (funcErrMsg.includes('$server is not defined')) {
             funcErr = '';
         } else {
+            $.error(
+                `Cannot apply filter ${filter.name}(function filter)! Reason: ${err}`,
+            );
             funcErr = `执行 function filter 失败 ${funcErrMsg}; `;
         }
         try {
             selected = await filter.nodeFunc(objs);
         } catch (err) {
             $.error(
-                `Cannot apply filter ${filter.name}(node script)! Reason: ${err}`,
+                `Cannot apply filter ${filter.name}(shortcut script)! Reason: ${err}`,
             );
             let nodeErr = '';
             let nodeErrMsg = `${err.message ?? err}`;
@@ -670,7 +881,7 @@ async function ApplyFilter(filter, objs) {
                 nodeErr = '';
                 funcErr = `执行失败 ${funcErrMsg}`;
             } else {
-                nodeErr = `执行节点快捷过滤脚本 失败 ${nodeErr}`;
+                nodeErr = `执行快捷过滤脚本 失败 ${nodeErrMsg}`;
             }
             throw new Error(`脚本过滤 ${funcErr}${nodeErr}`);
         }
@@ -684,14 +895,20 @@ async function ApplyOperator(operator, objs) {
         const output_ = await operator.func(output);
         if (output_) output = output_;
     } catch (err) {
-        $.error(
-            `Cannot apply operator ${operator.name}(function operator)! Reason: ${err}`,
-        );
         let funcErr = '';
         let funcErrMsg = `${err.message ?? err}`;
-        if (funcErrMsg.includes('$server is not defined')) {
+        if (
+            funcErrMsg.includes('$server is not defined') ||
+            funcErrMsg.includes('$content is not defined') ||
+            funcErrMsg.includes('$files is not defined') ||
+            output?.$files ||
+            output?.$content
+        ) {
             funcErr = '';
         } else {
+            $.error(
+                `Cannot apply operator ${operator.name}(function operator)! Reason: ${err}`,
+            );
             funcErr = `执行 function operator 失败 ${funcErrMsg}; `;
         }
         try {
@@ -699,7 +916,7 @@ async function ApplyOperator(operator, objs) {
             if (output_) output = output_;
         } catch (err) {
             $.error(
-                `Cannot apply operator ${operator.name}(node script)! Reason: ${err}`,
+                `Cannot apply operator ${operator.name}(shortcut script)! Reason: ${err}`,
             );
             let nodeErr = '';
             let nodeErrMsg = `${err.message ?? err}`;
@@ -707,7 +924,7 @@ async function ApplyOperator(operator, objs) {
                 nodeErr = '';
                 funcErr = `执行失败 ${funcErrMsg}`;
             } else {
-                nodeErr = `执行节点快捷脚本 失败 ${nodeErr}`;
+                nodeErr = `执行快捷脚本 失败 ${nodeErrMsg}`;
             }
             throw new Error(`脚本操作 ${funcErr}${nodeErr}`);
         }
@@ -749,18 +966,19 @@ function clone(object) {
     return JSON.parse(JSON.stringify(object));
 }
 
-// remove flag
-function removeFlag(str) {
-    return str
-        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]/g, '')
-        .trim();
-}
-
-function createDynamicFunction(name, script, $arguments) {
-    const flowUtils = { getFlowHeaders, parseFlowHeaders, flowTransfer };
+function createDynamicFunction(name, script, $arguments, $options) {
+    const flowUtils = {
+        getFlowField,
+        getFlowHeaders,
+        parseFlowHeaders,
+        flowTransfer,
+        validCheck,
+        getRmainingDays,
+    };
     if ($.env.isLoon) {
         return new Function(
             '$arguments',
+            '$options',
             '$substore',
             'lodash',
             '$persistentStore',
@@ -769,9 +987,12 @@ function createDynamicFunction(name, script, $arguments) {
             'ProxyUtils',
             'scriptResourceCache',
             'flowUtils',
+            'produceArtifact',
+            'require',
             `${script}\n return ${name}`,
         )(
             $arguments,
+            $options,
             $,
             lodash,
             // eslint-disable-next-line no-undef
@@ -783,17 +1004,31 @@ function createDynamicFunction(name, script, $arguments) {
             ProxyUtils,
             scriptResourceCache,
             flowUtils,
+            produceArtifact,
+            eval(`typeof require !== "undefined"`) ? require : undefined,
         );
     } else {
         return new Function(
             '$arguments',
+            '$options',
             '$substore',
             'lodash',
             'ProxyUtils',
             'scriptResourceCache',
             'flowUtils',
-
+            'produceArtifact',
+            'require',
             `${script}\n return ${name}`,
-        )($arguments, $, lodash, ProxyUtils, scriptResourceCache, flowUtils);
+        )(
+            $arguments,
+            $options,
+            $,
+            lodash,
+            ProxyUtils,
+            scriptResourceCache,
+            flowUtils,
+            produceArtifact,
+            eval(`typeof require !== "undefined"`) ? require : undefined,
+        );
     }
 }

backend/src/core/proxy-utils/producers/clash.js

@@ -2,136 +2,188 @@ import { isPresent } from '@/core/proxy-utils/producers/utils';
 
 export default function Clash_Producer() {
     const type = 'ALL';
-    const produce = (proxies) => {
+    const produce = (proxies, type, opts = {}) => {
         // VLESS XTLS is not supported by Clash
         // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L532
         // github.com/Dreamacro/clash/pull/2891/files
         // filter unsupported proxies
         // https://clash.wiki/configuration/outbound.html#shadowsocks
-        proxies = proxies.filter((proxy) => {
-            if (
-                ![
-                    'ss',
-                    'ssr',
-                    'vmess',
-                    'vless',
-                    'socks5',
-                    'http',
-                    'snell',
-                    'trojan',
-                    'wireguard',
-                ].includes(proxy.type) ||
-                (proxy.type === 'ss' &&
+        const list = proxies
+            .filter((proxy) => {
+                if (opts['include-unsupported-proxy']) return true;
+                if (
                     ![
-                        'aes-128-gcm',
-                        'aes-192-gcm',
-                        'aes-256-gcm',
-                        'aes-128-cfb',
-                        'aes-192-cfb',
-                        'aes-256-cfb',
-                        'aes-128-ctr',
-                        'aes-192-ctr',
-                        'aes-256-ctr',
-                        'rc4-md5',
-                        'chacha20-ietf',
-                        'xchacha20',
-                        'chacha20-ietf-poly1305',
-                        'xchacha20-ietf-poly1305',
-                    ].includes(proxy.cipher)) ||
-                (proxy.type === 'snell' && String(proxy.version) === '4') ||
-                (proxy.type === 'vless' &&
-                    (typeof proxy.flow !== 'undefined' ||
-                        proxy['reality-opts']))
-            ) {
-                return false;
-            }
-            return true;
-        });
-        return (
-            'proxies:\n' +
-            proxies
-                .map((proxy) => {
-                    if (proxy.type === 'vmess') {
-                        // handle vmess aead
-                        if (isPresent(proxy, 'aead')) {
-                            if (proxy.aead) {
-                                proxy.alterId = 0;
-                            }
-                            delete proxy.aead;
-                        }
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
-                        }
-                        // https://dreamacro.github.io/clash/configuration/outbound.html#vmess
-                        if (
-                            isPresent(proxy, 'cipher') &&
-                            ![
-                                'auto',
-                                'aes-128-gcm',
-                                'chacha20-poly1305',
-                                'none',
-                            ].includes(proxy.cipher)
-                        ) {
-                            proxy.cipher = 'auto';
-                        }
-                    } else if (proxy.type === 'wireguard') {
-                        proxy.keepalive =
-                            proxy.keepalive ?? proxy['persistent-keepalive'];
-                        proxy['persistent-keepalive'] = proxy.keepalive;
-                        proxy['preshared-key'] =
-                            proxy['preshared-key'] ?? proxy['pre-shared-key'];
-                        proxy['pre-shared-key'] = proxy['preshared-key'];
-                    } else if (proxy.type === 'vless') {
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
+                        'ss',
+                        'ssr',
+                        'vmess',
+                        'vless',
+                        'socks5',
+                        'http',
+                        'snell',
+                        'trojan',
+                        'wireguard',
+                    ].includes(proxy.type) ||
+                    (proxy.type === 'ss' &&
+                        ![
+                            'aes-128-gcm',
+                            'aes-192-gcm',
+                            'aes-256-gcm',
+                            'aes-128-cfb',
+                            'aes-192-cfb',
+                            'aes-256-cfb',
+                            'aes-128-ctr',
+                            'aes-192-ctr',
+                            'aes-256-ctr',
+                            'rc4-md5',
+                            'chacha20-ietf',
+                            'xchacha20',
+                            'chacha20-ietf-poly1305',
+                            'xchacha20-ietf-poly1305',
+                        ].includes(proxy.cipher)) ||
+                    (proxy.type === 'snell' && String(proxy.version) === '4') ||
+                    (proxy.type === 'vless' &&
+                        (typeof proxy.flow !== 'undefined' ||
+                            proxy['reality-opts']))
+                ) {
+                    return false;
+                }
+                return true;
+            })
+            .map((proxy) => {
+                if (proxy.type === 'vmess') {
+                    // handle vmess aead
+                    if (isPresent(proxy, 'aead')) {
+                        if (proxy.aead) {
+                            proxy.alterId = 0;
                         }
+                        delete proxy.aead;
                     }
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
+                    }
+                    // https://dreamacro.github.io/clash/configuration/outbound.html#vmess
+                    if (
+                        isPresent(proxy, 'cipher') &&
+                        ![
+                            'auto',
+                            'aes-128-gcm',
+                            'chacha20-poly1305',
+                            'none',
+                        ].includes(proxy.cipher)
+                    ) {
+                        proxy.cipher = 'auto';
+                    }
+                } else if (proxy.type === 'wireguard') {
+                    proxy.keepalive =
+                        proxy.keepalive ?? proxy['persistent-keepalive'];
+                    proxy['persistent-keepalive'] = proxy.keepalive;
+                    proxy['preshared-key'] =
+                        proxy['preshared-key'] ?? proxy['pre-shared-key'];
+                    proxy['pre-shared-key'] = proxy['preshared-key'];
+                } else if (proxy.type === 'vless') {
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
+                    }
+                }
 
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'http'
+                ) {
+                    let httpPath = proxy['http-opts']?.path;
                     if (
-                        ['vmess', 'vless'].includes(proxy.type) &&
-                        proxy.network === 'http'
+                        isPresent(proxy, 'http-opts.path') &&
+                        !Array.isArray(httpPath)
                     ) {
-                        let httpPath = proxy['http-opts']?.path;
-                        if (
-                            isPresent(proxy, 'http-opts.path') &&
-                            !Array.isArray(httpPath)
-                        ) {
-                            proxy['http-opts'].path = [httpPath];
-                        }
-                        let httpHost = proxy['http-opts']?.headers?.Host;
-                        if (
-                            isPresent(proxy, 'http-opts.headers.Host') &&
-                            !Array.isArray(httpHost)
-                        ) {
-                            proxy['http-opts'].headers.Host = [httpHost];
-                        }
+                        proxy['http-opts'].path = [httpPath];
                     }
+                    let httpHost = proxy['http-opts']?.headers?.Host;
                     if (
-                        ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                            proxy.type,
-                        )
+                        isPresent(proxy, 'http-opts.headers.Host') &&
+                        !Array.isArray(httpHost)
                     ) {
-                        delete proxy.tls;
+                        proxy['http-opts'].headers.Host = [httpHost];
                     }
+                }
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'h2'
+                ) {
+                    let path = proxy['h2-opts']?.path;
+                    if (
+                        isPresent(proxy, 'h2-opts.path') &&
+                        Array.isArray(path)
+                    ) {
+                        proxy['h2-opts'].path = path[0];
+                    }
+                    let host = proxy['h2-opts']?.headers?.host;
+                    if (
+                        isPresent(proxy, 'h2-opts.headers.Host') &&
+                        !Array.isArray(host)
+                    ) {
+                        proxy['h2-opts'].headers.host = [host];
+                    }
+                }
+                if (proxy['plugin-opts']?.tls) {
+                    if (isPresent(proxy, 'skip-cert-verify')) {
+                        proxy['plugin-opts']['skip-cert-verify'] =
+                            proxy['skip-cert-verify'];
+                    }
+                }
+                if (
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
+                ) {
+                    delete proxy.tls;
+                }
 
-                    if (proxy['tls-fingerprint']) {
-                        proxy.fingerprint = proxy['tls-fingerprint'];
+                if (proxy['tls-fingerprint']) {
+                    proxy.fingerprint = proxy['tls-fingerprint'];
+                }
+                delete proxy['tls-fingerprint'];
+
+                if (proxy['underlying-proxy']) {
+                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
+                }
+                delete proxy['underlying-proxy'];
+
+                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
+                    delete proxy.tls;
+                }
+
+                delete proxy.subName;
+                delete proxy.collectionName;
+                delete proxy.id;
+                delete proxy.resolved;
+                delete proxy['no-resolve'];
+                if (type !== 'internal') {
+                    for (const key in proxy) {
+                        if (proxy[key] == null || /^_/i.test(key)) {
+                            delete proxy[key];
+                        }
                     }
-                    delete proxy['tls-fingerprint'];
-                    delete proxy.subName;
-                    delete proxy.collectionName;
-                    if (
-                        ['grpc'].includes(proxy.network) &&
-                        proxy[`${proxy.network}-opts`]
-                    ) {
-                        delete proxy[`${proxy.network}-opts`]['_grpc-type'];
-                    }
-                    return '  - ' + JSON.stringify(proxy) + '\n';
-                })
-                .join('')
-        );
+                }
+                if (
+                    ['grpc'].includes(proxy.network) &&
+                    proxy[`${proxy.network}-opts`]
+                ) {
+                    delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                }
+                return proxy;
+            });
+        return type === 'internal'
+            ? list
+            : 'proxies:\n' +
+                  list
+                      .map((proxy) => '  - ' + JSON.stringify(proxy) + '\n')
+                      .join('');
     };
     return { type, produce };
 }

backend/src/core/proxy-utils/producers/clashmeta.js

@@ -2,9 +2,10 @@ import { isPresent } from '@/core/proxy-utils/producers/utils';
 
 export default function ClashMeta_Producer() {
     const type = 'ALL';
-    const produce = (proxies, type) => {
+    const produce = (proxies, type, opts = {}) => {
         const list = proxies
             .filter((proxy) => {
+                if (opts['include-unsupported-proxy']) return true;
                 if (proxy.type === 'snell' && String(proxy.version) === '4') {
                     return false;
                 }
@@ -88,6 +89,18 @@ export default function ClashMeta_Producer() {
                         proxy.servername = proxy.sni;
                         delete proxy.sni;
                     }
+                } else if (proxy.type === 'ss') {
+                    if (
+                        isPresent(proxy, 'shadow-tls-password') &&
+                        !isPresent(proxy, 'plugin')
+                    ) {
+                        proxy.plugin = 'shadow-tls';
+                        proxy['plugin-opts'] = {
+                            host: proxy['shadow-tls-sni'],
+                            password: proxy['shadow-tls-password'],
+                            version: proxy['shadow-tls-version'],
+                        };
+                    }
                 }
 
                 if (
@@ -109,11 +122,40 @@ export default function ClashMeta_Producer() {
                         proxy['http-opts'].headers.Host = [httpHost];
                     }
                 }
-
                 if (
-                    ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                        proxy.type,
-                    )
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'h2'
+                ) {
+                    let path = proxy['h2-opts']?.path;
+                    if (
+                        isPresent(proxy, 'h2-opts.path') &&
+                        Array.isArray(path)
+                    ) {
+                        proxy['h2-opts'].path = path[0];
+                    }
+                    let host = proxy['h2-opts']?.headers?.host;
+                    if (
+                        isPresent(proxy, 'h2-opts.headers.Host') &&
+                        !Array.isArray(host)
+                    ) {
+                        proxy['h2-opts'].headers.host = [host];
+                    }
+                }
+
+                if (proxy['plugin-opts']?.tls) {
+                    if (isPresent(proxy, 'skip-cert-verify')) {
+                        proxy['plugin-opts']['skip-cert-verify'] =
+                            proxy['skip-cert-verify'];
+                    }
+                }
+                if (
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
                 ) {
                     delete proxy.tls;
                 }
@@ -122,8 +164,27 @@ export default function ClashMeta_Producer() {
                     proxy.fingerprint = proxy['tls-fingerprint'];
                 }
                 delete proxy['tls-fingerprint'];
+
+                if (proxy['underlying-proxy']) {
+                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
+                }
+                delete proxy['underlying-proxy'];
+
+                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
+                    delete proxy.tls;
+                }
                 delete proxy.subName;
                 delete proxy.collectionName;
+                delete proxy.id;
+                delete proxy.resolved;
+                delete proxy['no-resolve'];
+                if (type !== 'internal') {
+                    for (const key in proxy) {
+                        if (proxy[key] == null || /^_/i.test(key)) {
+                            delete proxy[key];
+                        }
+                    }
+                }
                 if (
                     ['grpc'].includes(proxy.network) &&
                     proxy[`${proxy.network}-opts`]

backend/src/core/proxy-utils/producers/index.js

@@ -7,16 +7,20 @@ import Loon_Producer from './loon';
 import URI_Producer from './uri';
 import V2Ray_Producer from './v2ray';
 import QX_Producer from './qx';
-import ShadowRocket_Producer from './shadowrocket';
+import Shadowrocket_Producer from './shadowrocket';
+import Surfboard_Producer from './surfboard';
+import singbox_Producer from './sing-box';
 
 function JSON_Producer() {
     const type = 'ALL';
-    const produce = (proxies) => JSON.stringify(proxies, null, 2);
+    const produce = (proxies, type) =>
+        type === 'internal' ? proxies : JSON.stringify(proxies, null, 2);
     return { type, produce };
 }
 
 export default {
     QX: QX_Producer(),
+    QuantumultX: QX_Producer(),
     Surge: Surge_Producer(),
     SurgeMac: SurgeMac_Producer(),
     Loon: Loon_Producer(),
@@ -26,5 +30,8 @@ export default {
     V2Ray: V2Ray_Producer(),
     JSON: JSON_Producer(),
     Stash: Stash_Producer(),
-    ShadowRocket: ShadowRocket_Producer(),
+    Shadowrocket: Shadowrocket_Producer(),
+    ShadowRocket: Shadowrocket_Producer(),
+    Surfboard: Surfboard_Producer(),
+    'sing-box': singbox_Producer(),
 };

backend/src/core/proxy-utils/producers/loon.js

@@ -18,6 +18,8 @@ export default function Loon_Producer() {
                 return vless(proxy);
             case 'http':
                 return http(proxy);
+            case 'socks5':
+                return socks5(proxy);
             case 'wireguard':
                 return wireguard(proxy);
             case 'hysteria2':
@@ -32,6 +34,32 @@ export default function Loon_Producer() {
 
 function shadowsocks(proxy) {
     const result = new Result(proxy);
+    if (
+        ![
+            'rc4',
+            'rc4-md5',
+            'aes-128-cfb',
+            'aes-192-cfb',
+            'aes-256-cfb',
+            'aes-128-ctr',
+            'aes-192-ctr',
+            'aes-256-ctr',
+            'bf-cfb',
+            'camellia-128-cfb',
+            'camellia-192-cfb',
+            'camellia-256-cfb',
+            'salsa20',
+            'chacha20',
+            'chacha20-ietf',
+            'aes-128-gcm',
+            'aes-192-gcm',
+            'aes-256-gcm',
+            'chacha20-ietf-poly1305',
+            'xchacha20-ietf-poly1305',
+        ].includes(proxy.cipher)
+    ) {
+        throw new Error(`cipher ${proxy.cipher} is not supported`);
+    }
     result.append(
         `${proxy.name}=shadowsocks,${proxy.server},${proxy.port},${proxy.cipher},"${proxy.password}"`,
     );
@@ -57,7 +85,9 @@ function shadowsocks(proxy) {
     result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
 
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
 
     return result.toString();
 }
@@ -83,7 +113,9 @@ function shadowsocksr(proxy) {
     result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
 
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
 
     return result.toString();
 }
@@ -93,7 +125,9 @@ function trojan(proxy) {
     result.append(
         `${proxy.name}=trojan,${proxy.server},${proxy.port},"${proxy.password}"`,
     );
-
+    if (proxy.network === 'tcp') {
+        delete proxy.network;
+    }
     // transport
     if (isPresent(proxy, 'network')) {
         if (proxy.network === 'ws') {
@@ -119,12 +153,22 @@ function trojan(proxy) {
 
     // sni
     result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );
 
     // tfo
     result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
 
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
 
     return result.toString();
 }
@@ -134,7 +178,9 @@ function vmess(proxy) {
     result.append(
         `${proxy.name}=vmess,${proxy.server},${proxy.port},${proxy.cipher},"${proxy.uuid}"`,
     );
-
+    if (proxy.network === 'tcp') {
+        delete proxy.network;
+    }
     // transport
     if (isPresent(proxy, 'network')) {
         if (proxy.network === 'ws') {
@@ -177,6 +223,14 @@ function vmess(proxy) {
 
     // sni
     result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );
 
     // AEAD
     if (isPresent(proxy, 'aead')) {
@@ -189,19 +243,23 @@ function vmess(proxy) {
     result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
 
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
     return result.toString();
 }
 
 function vless(proxy) {
     if (proxy['reality-opts']) {
-        throw new Error(`reality is unsupported`);
+        throw new Error(`VLESS REALITY is unsupported`);
     }
     const result = new Result(proxy);
     result.append(
         `${proxy.name}=vless,${proxy.server},${proxy.port},"${proxy.uuid}"`,
     );
-
+    if (proxy.network === 'tcp') {
+        delete proxy.network;
+    }
     // transport
     if (isPresent(proxy, 'network')) {
         if (proxy.network === 'ws') {
@@ -244,12 +302,22 @@ function vless(proxy) {
 
     // sni
     result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );
 
     // tfo
     result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
 
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
     return result.toString();
 }
 
@@ -272,8 +340,34 @@ function http(proxy) {
     // tfo
     result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
 
+    return result.toString();
+}
+function socks5(proxy) {
+    const result = new Result(proxy);
+    result.append(`${proxy.name}=socks5,${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,${proxy.username}`, 'username');
+    result.appendIfPresent(`,"${proxy.password}"`, 'password');
+
+    // tls
+    result.appendIfPresent(`,over-tls=${proxy.tls}`, 'tls');
+
+    // sni
+    result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+
+    // tls verification
+    result.appendIfPresent(
+        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
+        'skip-cert-verify',
+    );
+
+    // tfo
+    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
     // udp
-    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
+
     return result.toString();
 }
 
@@ -285,7 +379,8 @@ function wireguard(proxy) {
         proxy.ipv6 = proxy.peers[0].ipv6;
         proxy['public-key'] = proxy.peers[0]['public-key'];
         proxy['preshared-key'] = proxy.peers[0]['pre-shared-key'];
-        proxy['allowed-ips'] = proxy.peers[0]['allowed_ips'];
+        // https://github.com/MetaCubeX/mihomo/blob/0404e35be8736b695eae018a08debb175c1f96e6/docs/config.yaml#L717
+        proxy['allowed-ips'] = proxy.peers[0]['allowed-ips'];
         proxy.reserved = proxy.peers[0].reserved;
     }
     const result = new Result(proxy);
@@ -303,7 +398,11 @@ function wireguard(proxy) {
     if (proxy.dns) {
         if (Array.isArray(proxy.dns)) {
             proxy.dnsv6 = proxy.dns.find((i) => isIPv6(i));
-            proxy.dns = proxy.dns.find((i) => isIPv4(i));
+            let dns = proxy.dns.find((i) => isIPv4(i));
+            if (!dns) {
+                dns = proxy.dns.find((i) => !isIPv4(i) && !isIPv6(i));
+            }
+            proxy.dns = dns;
         }
     }
     result.appendIfPresent(`,dns=${proxy.dns}`, 'dns');
@@ -338,8 +437,8 @@ function wireguard(proxy) {
 }
 
 function hysteria2(proxy) {
-    if (proxy.obfs || proxy['obfs-password']) {
-        throw new Error(`obfs is unsupported`);
+    if (proxy['obfs-password'] && proxy.obfs != 'salamander') {
+        throw new Error(`only salamander obfs is supported`);
     }
     const result = new Result(proxy);
     result.append(`${proxy.name}=Hysteria2,${proxy.server},${proxy.port}`);
@@ -348,13 +447,30 @@ function hysteria2(proxy) {
 
     // sni
     result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );
     result.appendIfPresent(
         `,skip-cert-verify=${proxy['skip-cert-verify']}`,
         'skip-cert-verify',
     );
 
+    if (proxy['obfs-password'] && proxy.obfs == 'salamander') {
+        result.append(`,salamander-password=${proxy['obfs-password']}`);
+    }
+
+    // tfo
+    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
+
     // udp
-    result.appendIfPresent(`,udp=${proxy.udp}`, 'udp');
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
 
     // download-bandwidth
     result.appendIfPresent(

backend/src/core/proxy-utils/producers/qx.js

@@ -3,7 +3,8 @@ import { isPresent, Result } from './utils';
 const targetPlatform = 'QX';
 
 export default function QX_Producer() {
-    const produce = (proxy) => {
+    // eslint-disable-next-line no-unused-vars
+    const produce = (proxy, type, opts = {}) => {
         switch (proxy.type) {
             case 'ss':
                 return shadowsocks(proxy);
@@ -17,6 +18,8 @@ export default function QX_Producer() {
                 return http(proxy);
             case 'socks5':
                 return socks5(proxy);
+            case 'vless':
+                return vless(proxy);
         }
         throw new Error(
             `Platform ${targetPlatform} does not support proxy type: ${proxy.type}`,
@@ -29,7 +32,36 @@ function shadowsocks(proxy) {
     const result = new Result(proxy);
     const append = result.append.bind(result);
     const appendIfPresent = result.appendIfPresent.bind(result);
-
+    if (!proxy.cipher) {
+        proxy.cipher = 'none';
+    }
+    if (
+        ![
+            'none',
+            'rc4-md5',
+            'rc4-md5-6',
+            'aes-128-cfb',
+            'aes-192-cfb',
+            'aes-256-cfb',
+            'aes-128-ctr',
+            'aes-192-ctr',
+            'aes-256-ctr',
+            'bf-cfb',
+            'cast5-cfb',
+            'des-cfb',
+            'rc2-cfb',
+            'salsa20',
+            'chacha20',
+            'chacha20-ietf',
+            'aes-128-gcm',
+            'aes-192-gcm',
+            'aes-256-gcm',
+            'chacha20-ietf-poly1305',
+            'xchacha20-ietf-poly1305',
+        ].includes(proxy.cipher)
+    ) {
+        throw new Error(`cipher ${proxy.cipher} is not supported`);
+    }
     append(`shadowsocks=${proxy.server}:${proxy.port}`);
     append(`,method=${proxy.cipher}`);
     append(`,password=${proxy.password}`);
@@ -325,6 +357,105 @@ function vmess(proxy) {
 
     return result.toString();
 }
+function vless(proxy) {
+    if (typeof proxy.flow !== 'undefined' || proxy['reality-opts']) {
+        throw new Error(`VLESS XTLS/REALITY is not supported`);
+    }
+
+    const result = new Result(proxy);
+    const append = result.append.bind(result);
+    const appendIfPresent = result.appendIfPresent.bind(result);
+
+    append(`vless=${proxy.server}:${proxy.port}`);
+
+    // The method field for vless should be none.
+    let cipher = 'none';
+    // if (proxy.cipher === 'auto') {
+    //     cipher = 'chacha20-ietf-poly1305';
+    // } else {
+    //     cipher = proxy.cipher;
+    // }
+    append(`,method=${cipher}`);
+
+    append(`,password=${proxy.uuid}`);
+
+    // obfs
+    if (needTls(proxy)) {
+        proxy.tls = true;
+    }
+    if (isPresent(proxy, 'network')) {
+        if (proxy.network === 'ws') {
+            if (proxy.tls) append(`,obfs=wss`);
+            else append(`,obfs=ws`);
+        } else if (proxy.network === 'http') {
+            append(`,obfs=http`);
+        } else if (!['tcp'].includes(proxy.network)) {
+            throw new Error(`network ${proxy.network} is unsupported`);
+        }
+        let transportPath = proxy[`${proxy.network}-opts`]?.path;
+        let transportHost = proxy[`${proxy.network}-opts`]?.headers?.Host;
+        appendIfPresent(
+            `,obfs-uri=${
+                Array.isArray(transportPath) ? transportPath[0] : transportPath
+            }`,
+            `${proxy.network}-opts.path`,
+        );
+        appendIfPresent(
+            `,obfs-host=${
+                Array.isArray(transportHost) ? transportHost[0] : transportHost
+            }`,
+            `${proxy.network}-opts.headers.Host`,
+        );
+    } else {
+        // over-tls
+        if (proxy.tls) append(`,obfs=over-tls`);
+    }
+
+    if (needTls(proxy)) {
+        appendIfPresent(
+            `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+            'tls-pubkey-sha256',
+        );
+        appendIfPresent(`,tls-alpn=${proxy['tls-alpn']}`, 'tls-alpn');
+        appendIfPresent(
+            `,tls-no-session-ticket=${proxy['tls-no-session-ticket']}`,
+            'tls-no-session-ticket',
+        );
+        appendIfPresent(
+            `,tls-no-session-reuse=${proxy['tls-no-session-reuse']}`,
+            'tls-no-session-reuse',
+        );
+        // tls fingerprint
+        appendIfPresent(
+            `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+            'tls-fingerprint',
+        );
+
+        // tls verification
+        appendIfPresent(
+            `,tls-verification=${!proxy['skip-cert-verify']}`,
+            'skip-cert-verify',
+        );
+        appendIfPresent(`,tls-host=${proxy.sni}`, 'sni');
+    }
+
+    // tfo
+    appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
+
+    // udp
+    appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    // server_check_url
+    result.appendIfPresent(
+        `,server_check_url=${proxy['test-url']}`,
+        'test-url',
+    );
+
+    // tag
+    append(`,tag=${proxy.name}`);
+
+    return result.toString();
+}
 
 function http(proxy) {
     const result = new Result(proxy);

backend/src/core/proxy-utils/producers/shadowrocket.js

@@ -2,162 +2,208 @@ import { isPresent } from '@/core/proxy-utils/producers/utils';
 
 export default function ShadowRocket_Producer() {
     const type = 'ALL';
-    const produce = (proxies) => {
-        return (
-            'proxies:\n' +
-            proxies
-                .filter((proxy) => {
+    const produce = (proxies, type, opts = {}) => {
+        const list = proxies
+            .filter((proxy) => {
+                if (opts['include-unsupported-proxy']) return true;
+                if (proxy.type === 'snell' && String(proxy.version) === '4') {
+                    return false;
+                }
+                return true;
+            })
+            .map((proxy) => {
+                if (proxy.type === 'vmess') {
+                    // handle vmess aead
+                    if (isPresent(proxy, 'aead')) {
+                        if (proxy.aead) {
+                            proxy.alterId = 0;
+                        }
+                        delete proxy.aead;
+                    }
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
+                    }
+                    // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L400
+                    // https://stash.wiki/proxy-protocols/proxy-types#vmess
                     if (
-                        proxy.type === 'snell' &&
-                        String(proxy.version) === '4'
+                        isPresent(proxy, 'cipher') &&
+                        ![
+                            'auto',
+                            'aes-128-gcm',
+                            'chacha20-poly1305',
+                            'none',
+                        ].includes(proxy.cipher)
                     ) {
-                        return false;
+                        proxy.cipher = 'auto';
                     }
-                    return true;
-                })
-                .map((proxy) => {
-                    if (proxy.type === 'vmess') {
-                        // handle vmess aead
-                        if (isPresent(proxy, 'aead')) {
-                            if (proxy.aead) {
-                                proxy.alterId = 0;
-                            }
-                            delete proxy.aead;
-                        }
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
-                        }
-                        // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L400
-                        // https://stash.wiki/proxy-protocols/proxy-types#vmess
-                        if (
-                            isPresent(proxy, 'cipher') &&
-                            ![
-                                'auto',
-                                'aes-128-gcm',
-                                'chacha20-poly1305',
-                                'none',
-                            ].includes(proxy.cipher)
-                        ) {
-                            proxy.cipher = 'auto';
-                        }
-                    } else if (proxy.type === 'tuic') {
-                        if (isPresent(proxy, 'alpn')) {
-                            proxy.alpn = Array.isArray(proxy.alpn)
-                                ? proxy.alpn
-                                : [proxy.alpn];
-                        } else {
-                            proxy.alpn = ['h3'];
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                        }
-                        // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/adapter/outbound/tuic.go#L197
-                        if (
-                            (!proxy.token || proxy.token.length === 0) &&
-                            !isPresent(proxy, 'version')
-                        ) {
-                            proxy.version = 5;
-                        }
-                    } else if (proxy.type === 'hysteria') {
-                        // auth_str 将会在未来某个时候删除 但是有的机场不规范
-                        if (
-                            isPresent(proxy, 'auth_str') &&
-                            !isPresent(proxy, 'auth-str')
-                        ) {
-                            proxy['auth-str'] = proxy['auth_str'];
-                        }
-                        if (isPresent(proxy, 'alpn')) {
-                            proxy.alpn = Array.isArray(proxy.alpn)
-                                ? proxy.alpn
-                                : [proxy.alpn];
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                        }
-                    } else if (proxy.type === 'hysteria2') {
-                        if (
-                            proxy['obfs-password'] &&
-                            proxy.obfs == 'salamander'
-                        ) {
-                            proxy.obfs = proxy['obfs-password'];
-                            delete proxy['obfs-password'];
-                        }
-                        if (isPresent(proxy, 'alpn')) {
-                            proxy.alpn = Array.isArray(proxy.alpn)
-                                ? proxy.alpn
-                                : [proxy.alpn];
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                        }
-                    } else if (proxy.type === 'wireguard') {
-                        proxy.keepalive =
-                            proxy.keepalive ?? proxy['persistent-keepalive'];
-                        proxy['persistent-keepalive'] = proxy.keepalive;
-                        proxy['preshared-key'] =
-                            proxy['preshared-key'] ?? proxy['pre-shared-key'];
-                        proxy['pre-shared-key'] = proxy['preshared-key'];
-                    } else if (proxy.type === 'vless') {
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
-                        }
+                } else if (proxy.type === 'tuic') {
+                    if (isPresent(proxy, 'alpn')) {
+                        proxy.alpn = Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : [proxy.alpn];
+                    } else {
+                        proxy.alpn = ['h3'];
                     }
+                    if (
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
+                    ) {
+                        proxy['fast-open'] = proxy.tfo;
+                    }
+                    // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/adapter/outbound/tuic.go#L197
+                    if (
+                        (!proxy.token || proxy.token.length === 0) &&
+                        !isPresent(proxy, 'version')
+                    ) {
+                        proxy.version = 5;
+                    }
+                } else if (proxy.type === 'hysteria') {
+                    // auth_str 将会在未来某个时候删除 但是有的机场不规范
+                    if (
+                        isPresent(proxy, 'auth_str') &&
+                        !isPresent(proxy, 'auth-str')
+                    ) {
+                        proxy['auth-str'] = proxy['auth_str'];
+                    }
+                    if (isPresent(proxy, 'alpn')) {
+                        proxy.alpn = Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : [proxy.alpn];
+                    }
+                    if (
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
+                    ) {
+                        proxy['fast-open'] = proxy.tfo;
+                    }
+                } else if (proxy.type === 'hysteria2') {
+                    if (proxy['obfs-password'] && proxy.obfs == 'salamander') {
+                        proxy.obfs = proxy['obfs-password'];
+                        delete proxy['obfs-password'];
+                    }
+                    if (isPresent(proxy, 'alpn')) {
+                        proxy.alpn = Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : [proxy.alpn];
+                    }
+                    if (
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
+                    ) {
+                        proxy['fast-open'] = proxy.tfo;
+                    }
+                } else if (proxy.type === 'wireguard') {
+                    proxy.keepalive =
+                        proxy.keepalive ?? proxy['persistent-keepalive'];
+                    proxy['persistent-keepalive'] = proxy.keepalive;
+                    proxy['preshared-key'] =
+                        proxy['preshared-key'] ?? proxy['pre-shared-key'];
+                    proxy['pre-shared-key'] = proxy['preshared-key'];
+                } else if (proxy.type === 'vless') {
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
+                    }
+                }
 
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'http'
+                ) {
+                    let httpPath = proxy['http-opts']?.path;
                     if (
-                        ['vmess', 'vless'].includes(proxy.type) &&
-                        proxy.network === 'http'
+                        isPresent(proxy, 'http-opts.path') &&
+                        !Array.isArray(httpPath)
                     ) {
-                        let httpPath = proxy['http-opts']?.path;
-                        if (
-                            isPresent(proxy, 'http-opts.path') &&
-                            !Array.isArray(httpPath)
-                        ) {
-                            proxy['http-opts'].path = [httpPath];
-                        }
-                        let httpHost = proxy['http-opts']?.headers?.Host;
-                        if (
-                            isPresent(proxy, 'http-opts.headers.Host') &&
-                            !Array.isArray(httpHost)
-                        ) {
-                            proxy['http-opts'].headers.Host = [httpHost];
+                        proxy['http-opts'].path = [httpPath];
+                    }
+                    let httpHost = proxy['http-opts']?.headers?.Host;
+                    if (
+                        isPresent(proxy, 'http-opts.headers.Host') &&
+                        !Array.isArray(httpHost)
+                    ) {
+                        proxy['http-opts'].headers.Host = [httpHost];
+                    }
+                }
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'h2'
+                ) {
+                    let path = proxy['h2-opts']?.path;
+                    if (
+                        isPresent(proxy, 'h2-opts.path') &&
+                        Array.isArray(path)
+                    ) {
+                        proxy['h2-opts'].path = path[0];
+                    }
+                    let host = proxy['h2-opts']?.headers?.host;
+                    if (
+                        isPresent(proxy, 'h2-opts.headers.Host') &&
+                        !Array.isArray(host)
+                    ) {
+                        proxy['h2-opts'].headers.host = [host];
+                    }
+                }
+                if (proxy['plugin-opts']?.tls) {
+                    if (isPresent(proxy, 'skip-cert-verify')) {
+                        proxy['plugin-opts']['skip-cert-verify'] =
+                            proxy['skip-cert-verify'];
+                    }
+                }
+                if (
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
+                ) {
+                    delete proxy.tls;
+                }
+
+                if (proxy['tls-fingerprint']) {
+                    proxy.fingerprint = proxy['tls-fingerprint'];
+                }
+                delete proxy['tls-fingerprint'];
+
+                if (proxy['underlying-proxy']) {
+                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
+                }
+                delete proxy['underlying-proxy'];
+
+                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
+                    delete proxy.tls;
+                }
+                delete proxy.subName;
+                delete proxy.collectionName;
+                delete proxy.id;
+                delete proxy.resolved;
+                delete proxy['no-resolve'];
+                if (type !== 'internal') {
+                    for (const key in proxy) {
+                        if (proxy[key] == null || /^_/i.test(key)) {
+                            delete proxy[key];
                         }
                     }
-
-                    if (
-                        ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                            proxy.type,
-                        )
-                    ) {
-                        delete proxy.tls;
-                    }
-
-                    if (proxy['tls-fingerprint']) {
-                        proxy.fingerprint = proxy['tls-fingerprint'];
-                    }
-                    delete proxy['tls-fingerprint'];
-                    delete proxy.subName;
-                    delete proxy.collectionName;
-                    if (
-                        ['grpc'].includes(proxy.network) &&
-                        proxy[`${proxy.network}-opts`]
-                    ) {
-                        delete proxy[`${proxy.network}-opts`]['_grpc-type'];
-                    }
-                    return '  - ' + JSON.stringify(proxy) + '\n';
-                })
-                .join('')
-        );
+                }
+                if (
+                    ['grpc'].includes(proxy.network) &&
+                    proxy[`${proxy.network}-opts`]
+                ) {
+                    delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                }
+                return proxy;
+            });
+        return type === 'internal'
+            ? list
+            : 'proxies:\n' +
+                  list
+                      .map((proxy) => {
+                          return '  - ' + JSON.stringify(proxy) + '\n';
+                      })
+                      .join('');
     };
     return { type, produce };
 }

backend/src/core/proxy-utils/producers/sing-box.js

@@ -0,0 +1,819 @@
+import ClashMeta_Producer from './clashmeta';
+import $ from '@/core/app';
+import { isIPv4, isIPv6 } from '@/utils';
+
+const detourParser = (proxy, parsedProxy) => {
+    if (proxy['dialer-proxy']) parsedProxy.detour = proxy['dialer-proxy'];
+};
+const tfoParser = (proxy, parsedProxy) => {
+    parsedProxy.tcp_fast_open = false;
+    if (proxy.tfo) parsedProxy.tcp_fast_open = true;
+    if (proxy.tcp_fast_open) parsedProxy.tcp_fast_open = true;
+    if (proxy['tcp-fast-open']) parsedProxy.tcp_fast_open = true;
+    if (!parsedProxy.tcp_fast_open) delete parsedProxy.tcp_fast_open;
+};
+
+const smuxParser = (smux, proxy) => {
+    if (!smux || !smux.enabled) return;
+    proxy.multiplex = { enabled: true };
+    proxy.multiplex.protocol = smux.protocol;
+    if (smux['max-connections'])
+        proxy.multiplex.max_connections = parseInt(
+            `${smux['max-connections']}`,
+            10,
+        );
+    if (smux['max-streams'])
+        proxy.multiplex.max_streams = parseInt(`${smux['max-streams']}`, 10);
+    if (smux['min-streams'])
+        proxy.multiplex.min_streams = parseInt(`${smux['min-streams']}`, 10);
+    if (smux.padding) proxy.multiplex.padding = true;
+};
+
+const wsParser = (proxy, parsedProxy) => {
+    const transport = { type: 'ws', headers: {} };
+    if (proxy['ws-opts']) {
+        const { path: wsPath = '', headers: wsHeaders = {} } = proxy['ws-opts'];
+        if (wsPath !== '') transport.path = `${wsPath}`;
+        if (Object.keys(wsHeaders).length > 0) {
+            const headers = {};
+            for (const key of Object.keys(wsHeaders)) {
+                let value = wsHeaders[key];
+                if (value === '') continue;
+                if (!Array.isArray(value)) value = [`${value}`];
+                if (value.length > 0) headers[key] = value;
+            }
+            const { Host: wsHost } = headers;
+            if (wsHost.length === 1)
+                for (const item of `Host:${wsHost[0]}`.split('\n')) {
+                    const [key, value] = item.split(':');
+                    if (value.trim() === '') continue;
+                    headers[key.trim()] = value.trim().split(',');
+                }
+            transport.headers = headers;
+        }
+    }
+    if (proxy['ws-headers']) {
+        const headers = {};
+        for (const key of Object.keys(proxy['ws-headers'])) {
+            let value = proxy['ws-headers'][key];
+            if (value === '') continue;
+            if (!Array.isArray(value)) value = [`${value}`];
+            if (value.length > 0) headers[key] = value;
+        }
+        const { Host: wsHost } = headers;
+        if (wsHost.length === 1)
+            for (const item of `Host:${wsHost[0]}`.split('\n')) {
+                const [key, value] = item.split(':');
+                if (value.trim() === '') continue;
+                headers[key.trim()] = value.trim().split(',');
+            }
+        for (const key of Object.keys(headers))
+            transport.headers[key] = headers[key];
+    }
+    if (proxy['ws-path'] && proxy['ws-path'] !== '')
+        transport.path = `${proxy['ws-path']}`;
+    if (transport.path) {
+        const reg = /^(.*?)(?:\?ed=(\d+))?$/;
+        // eslint-disable-next-line no-unused-vars
+        const [_, path = '', ed = ''] = reg.exec(transport.path);
+        transport.path = path;
+        if (ed !== '') {
+            transport.early_data_header_name = 'Sec-WebSocket-Protocol';
+            transport.max_early_data = parseInt(ed, 10);
+        }
+    }
+
+    if (parsedProxy.tls.insecure)
+        parsedProxy.tls.server_name = transport.headers.Host[0];
+    if (proxy['ws-opts'] && proxy['ws-opts']['v2ray-http-upgrade']) {
+        transport.type = 'httpupgrade';
+        if (transport.headers.Host) {
+            transport.host = transport.headers.Host[0];
+            delete transport.headers.Host;
+        }
+        if (transport.max_early_data) delete transport.max_early_data;
+        if (transport.early_data_header_name)
+            delete transport.early_data_header_name;
+    }
+    for (const key of Object.keys(transport.headers)) {
+        const value = transport.headers[key];
+        if (value.length === 1) transport.headers[key] = value[0];
+    }
+    parsedProxy.transport = transport;
+};
+
+const h1Parser = (proxy, parsedProxy) => {
+    const transport = { type: 'http', headers: {} };
+    if (proxy['http-opts']) {
+        const {
+            method = '',
+            path: h1Path = '',
+            headers: h1Headers = {},
+        } = proxy['http-opts'];
+        if (method !== '') transport.method = method;
+        if (Array.isArray(h1Path)) {
+            transport.path = `${h1Path[0]}`;
+        } else if (h1Path !== '') transport.path = `${h1Path}`;
+        for (const key of Object.keys(h1Headers)) {
+            let value = h1Headers[key];
+            if (value === '') continue;
+            if (key.toLowerCase() === 'host') {
+                let host = value;
+                if (!Array.isArray(host))
+                    host = `${host}`.split(',').map((i) => i.trim());
+                if (host.length > 0) transport.host = host;
+                continue;
+            }
+            if (!Array.isArray(value))
+                value = `${value}`.split(',').map((i) => i.trim());
+            if (value.length > 0) transport.headers[key] = value;
+        }
+    }
+    if (proxy['http-host'] && proxy['http-host'] !== '') {
+        let host = proxy['http-host'];
+        if (!Array.isArray(host))
+            host = `${host}`.split(',').map((i) => i.trim());
+        if (host.length > 0) transport.host = host;
+    }
+    if (!transport.host) return;
+    if (proxy['http-path'] && proxy['http-path'] !== '') {
+        const path = proxy['http-path'];
+        if (Array.isArray(path)) {
+            transport.path = `${path[0]}`;
+        } else if (path !== '') transport.path = `${path}`;
+    }
+    if (parsedProxy.tls.insecure)
+        parsedProxy.tls.server_name = transport.host[0];
+    if (transport.host.length === 1) transport.host = transport.host[0];
+    for (const key of Object.keys(transport.headers)) {
+        const value = transport.headers[key];
+        if (value.length === 1) transport.headers[key] = value[0];
+    }
+    parsedProxy.transport = transport;
+};
+
+const h2Parser = (proxy, parsedProxy) => {
+    const transport = { type: 'http' };
+    if (proxy['h2-opts']) {
+        let { host = '', path = '' } = proxy['h2-opts'];
+        if (path !== '') transport.path = `${path}`;
+        if (host !== '') {
+            if (!Array.isArray(host))
+                host = `${host}`.split(',').map((i) => i.trim());
+            if (host.length > 0) transport.host = host;
+        }
+    }
+    if (proxy['h2-host'] && proxy['h2-host'] !== '') {
+        let host = proxy['h2-host'];
+        if (!Array.isArray(host))
+            host = `${host}`.split(',').map((i) => i.trim());
+        if (host.length > 0) transport.host = host;
+    }
+    if (proxy['h2-path'] && proxy['h2-path'] !== '')
+        transport.path = `${proxy['h2-path']}`;
+    parsedProxy.tls.enabled = true;
+    if (parsedProxy.tls.insecure)
+        parsedProxy.tls.server_name = transport.host[0];
+    if (transport.host.length === 1) transport.host = transport.host[0];
+    parsedProxy.transport = transport;
+};
+
+const grpcParser = (proxy, parsedProxy) => {
+    const transport = { type: 'grpc' };
+    if (proxy['grpc-opts']) {
+        const serviceName = proxy['grpc-opts']['grpc-service-name'];
+        if (serviceName != null && serviceName !== '')
+            transport.service_name = `${serviceName}`;
+    }
+    parsedProxy.transport = transport;
+};
+
+const tlsParser = (proxy, parsedProxy) => {
+    if (proxy.tls) parsedProxy.tls.enabled = true;
+    if (proxy.servername && proxy.servername !== '')
+        parsedProxy.tls.server_name = proxy.servername;
+    if (proxy.peer && proxy.peer !== '')
+        parsedProxy.tls.server_name = proxy.peer;
+    if (proxy.sni && proxy.sni !== '') parsedProxy.tls.server_name = proxy.sni;
+    if (proxy['skip-cert-verify']) parsedProxy.tls.insecure = true;
+    if (proxy.insecure) parsedProxy.tls.insecure = true;
+    if (proxy['disable-sni']) parsedProxy.tls.disable_sni = true;
+    if (typeof proxy.alpn === 'string') {
+        parsedProxy.tls.alpn = [proxy.alpn];
+    } else if (Array.isArray(proxy.alpn)) parsedProxy.tls.alpn = proxy.alpn;
+    if (proxy.ca) parsedProxy.tls.certificate_path = `${proxy.ca}`;
+    if (proxy.ca_str) parsedProxy.tls.certificate = [proxy.ca_str];
+    if (proxy['ca-str']) parsedProxy.tls.certificate = [proxy['ca-str']];
+    if (proxy['reality-opts']) {
+        parsedProxy.tls.reality = { enabled: true };
+        if (proxy['reality-opts']['public-key'])
+            parsedProxy.tls.reality.public_key =
+                proxy['reality-opts']['public-key'];
+        if (proxy['reality-opts']['short-id'])
+            parsedProxy.tls.reality.short_id =
+                proxy['reality-opts']['short-id'];
+        parsedProxy.tls.utls = { enabled: true };
+    }
+    if (proxy['client-fingerprint'] && proxy['client-fingerprint'] !== '')
+        parsedProxy.tls.utls = {
+            enabled: true,
+            fingerprint: proxy['client-fingerprint'],
+        };
+    if (!parsedProxy.tls.enabled) delete parsedProxy.tls;
+};
+
+const sshParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'ssh',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.username) parsedProxy.user = proxy.username;
+    if (proxy.password) parsedProxy.password = proxy.password;
+    // https://wiki.metacubex.one/config/proxies/ssh
+    // https://sing-box.sagernet.org/zh/configuration/outbound/ssh
+    if (proxy['privateKey']) parsedProxy.private_key_path = proxy['privateKey'];
+    if (proxy['private-key'])
+        parsedProxy.private_key_path = proxy['private-key'];
+    if (proxy['private-key-passphrase'])
+        parsedProxy.private_key_passphrase = proxy['private-key-passphrase'];
+    if (proxy['server-fingerprint']) {
+        parsedProxy.host_key = [proxy['server-fingerprint']];
+        // https://manual.nssurge.com/policy/ssh.html
+        // Surge only supports curve25519-sha256 as the kex algorithm and aes128-gcm as the encryption algorithm. It means that the SSH server must use OpenSSH v7.3 or above. (It should not be a problem since OpenSSH 7.3 was released on 2016-08-01.)
+        // TODO: ?
+        parsedProxy.host_key_algorithms = [
+            proxy['server-fingerprint'].split(' ')[0],
+        ];
+    }
+    if (proxy['host-key']) parsedProxy.host_key = proxy['host-key'];
+    if (proxy['host-key-algorithms'])
+        parsedProxy.host_key_algorithms = proxy['host-key-algorithms'];
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    return parsedProxy;
+};
+
+const httpParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'http',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        tls: { enabled: false, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.username) parsedProxy.username = proxy.username;
+    if (proxy.password) parsedProxy.password = proxy.password;
+    if (proxy.headers) {
+        parsedProxy.headers = {};
+        for (const k of Object.keys(proxy.headers)) {
+            parsedProxy.headers[k] = `${proxy.headers[k]}`;
+        }
+        if (Object.keys(parsedProxy.headers).length === 0)
+            delete parsedProxy.headers;
+    }
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    tlsParser(proxy, parsedProxy);
+    return parsedProxy;
+};
+
+const socks5Parser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'socks',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        password: proxy.password,
+        version: '5',
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.username) parsedProxy.username = proxy.username;
+    if (proxy.password) parsedProxy.password = proxy.password;
+    if (proxy.uot) parsedProxy.udp_over_tcp = true;
+    if (proxy['udp-over-tcp']) parsedProxy.udp_over_tcp = true;
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    return parsedProxy;
+};
+
+const shadowTLSParser = (proxy = {}) => {
+    const ssPart = {
+        tag: proxy.name,
+        type: 'shadowsocks',
+        method: proxy.cipher,
+        password: proxy.password,
+        detour: `${proxy.name}_shadowtls`,
+    };
+    const stPart = {
+        tag: `${proxy.name}_shadowtls`,
+        type: 'shadowtls',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        version: proxy['plugin-opts'].version,
+        password: proxy['plugin-opts'].password,
+        tls: {
+            enabled: true,
+            server_name: proxy['plugin-opts'].host,
+            utls: {
+                enabled: true,
+                fingerprint: proxy['client-fingerprint'],
+            },
+        },
+    };
+    if (stPart.server_port < 0 || stPart.server_port > 65535)
+        throw '端口值非法';
+    if (proxy['fast-open'] === true) stPart.udp_fragment = true;
+    tfoParser(proxy, stPart);
+    detourParser(proxy, stPart);
+    smuxParser(proxy.smux, ssPart);
+    return { type: 'ss-with-st', ssPart, stPart };
+};
+const ssParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'shadowsocks',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        method: proxy.cipher,
+        password: proxy.password,
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.uot) parsedProxy.udp_over_tcp = true;
+    if (proxy['udp-over-tcp']) parsedProxy.udp_over_tcp = true;
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    if (proxy.plugin) {
+        const optArr = [];
+        if (proxy.plugin === 'obfs') {
+            parsedProxy.plugin = 'obfs-local';
+            parsedProxy.plugin_opts = '';
+            if (proxy['obfs-host'])
+                proxy['plugin-opts'].host = proxy['obfs-host'];
+            Object.keys(proxy['plugin-opts']).forEach((k) => {
+                switch (k) {
+                    case 'mode':
+                        optArr.push(`obfs=${proxy['plugin-opts'].mode}`);
+                        break;
+                    case 'host':
+                        optArr.push(`obfs-host=${proxy['plugin-opts'].host}`);
+                        break;
+                    default:
+                        optArr.push(`${k}=${proxy['plugin-opts'][k]}`);
+                        break;
+                }
+            });
+        }
+        if (proxy.plugin === 'v2ray-plugin') {
+            parsedProxy.plugin = 'v2ray-plugin';
+            if (proxy['ws-host']) proxy['plugin-opts'].host = proxy['ws-host'];
+            if (proxy['ws-path']) proxy['plugin-opts'].path = proxy['ws-path'];
+            Object.keys(proxy['plugin-opts']).forEach((k) => {
+                switch (k) {
+                    case 'tls':
+                        if (proxy['plugin-opts'].tls) optArr.push('tls');
+                        break;
+                    case 'host':
+                        optArr.push(`host=${proxy['plugin-opts'].host}`);
+                        break;
+                    case 'path':
+                        optArr.push(`path=${proxy['plugin-opts'].path}`);
+                        break;
+                    case 'headers':
+                        optArr.push(
+                            `headers=${JSON.stringify(
+                                proxy['plugin-opts'].headers,
+                            )}`,
+                        );
+                        break;
+                    case 'mux':
+                        if (proxy['plugin-opts'].mux)
+                            parsedProxy.multiplex = { enabled: true };
+                        break;
+                    default:
+                        optArr.push(`${k}=${proxy['plugin-opts'][k]}`);
+                }
+            });
+        }
+        parsedProxy.plugin_opts = optArr.join(';');
+    }
+
+    return parsedProxy;
+};
+// eslint-disable-next-line no-unused-vars
+const ssrParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'shadowsocksr',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        method: proxy.cipher,
+        password: proxy.password,
+        obfs: proxy.obfs,
+        protocol: proxy.protocol,
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy['obfs-param']) parsedProxy.obfs_param = proxy['obfs-param'];
+    if (proxy['protocol-param'] && proxy['protocol-param'] !== '')
+        parsedProxy.protocol_param = proxy['protocol-param'];
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+
+const vmessParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'vmess',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        uuid: proxy.uuid,
+        security: proxy.cipher,
+        alter_id: parseInt(`${proxy.alterId}`, 10),
+        tls: { enabled: false, server_name: proxy.server, insecure: false },
+    };
+    if (
+        [
+            'auto',
+            'none',
+            'zero',
+            'aes-128-gcm',
+            'chacha20-poly1305',
+            'aes-128-ctr',
+        ].indexOf(parsedProxy.security) === -1
+    )
+        parsedProxy.security = 'auto';
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.xudp) parsedProxy.packet_encoding = 'xudp';
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    if (proxy.network === 'ws') wsParser(proxy, parsedProxy);
+    if (proxy.network === 'h2') h2Parser(proxy, parsedProxy);
+    if (proxy.network === 'http') h1Parser(proxy, parsedProxy);
+    if (proxy.network === 'grpc') grpcParser(proxy, parsedProxy);
+
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    tlsParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+
+const vlessParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'vless',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        uuid: proxy.uuid,
+        tls: { enabled: false, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    if (proxy.flow === 'xtls-rprx-vision') parsedProxy.flow = proxy.flow;
+    if (proxy.network === 'ws') wsParser(proxy, parsedProxy);
+    if (proxy.network === 'grpc') grpcParser(proxy, parsedProxy);
+
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    tlsParser(proxy, parsedProxy);
+    return parsedProxy;
+};
+const trojanParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'trojan',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        password: proxy.password,
+        tls: { enabled: true, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    if (proxy.network === 'grpc') grpcParser(proxy, parsedProxy);
+    if (proxy.network === 'ws') wsParser(proxy, parsedProxy);
+
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    tlsParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+const hysteriaParser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'hysteria',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        disable_mtu_discovery: false,
+        tls: { enabled: true, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.auth_str) parsedProxy.auth_str = `${proxy.auth_str}`;
+    if (proxy['auth-str']) parsedProxy.auth_str = `${proxy['auth-str']}`;
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    // eslint-disable-next-line no-control-regex
+    const reg = new RegExp('^[0-9]+[ \t]*[KMGT]*[Bb]ps$');
+    if (reg.test(`${proxy.up}`)) {
+        parsedProxy.up = `${proxy.up}`;
+    } else {
+        parsedProxy.up_mbps = parseInt(`${proxy.up}`, 10);
+    }
+    if (reg.test(`${proxy.down}`)) {
+        parsedProxy.down = `${proxy.down}`;
+    } else {
+        parsedProxy.down_mbps = parseInt(`${proxy.down}`, 10);
+    }
+    if (proxy.obfs) parsedProxy.obfs = proxy.obfs;
+    if (proxy.recv_window_conn)
+        parsedProxy.recv_window_conn = proxy.recv_window_conn;
+    if (proxy['recv-window-conn'])
+        parsedProxy.recv_window_conn = proxy['recv-window-conn'];
+    if (proxy.recv_window) parsedProxy.recv_window = proxy.recv_window;
+    if (proxy['recv-window']) parsedProxy.recv_window = proxy['recv-window'];
+    if (proxy.disable_mtu_discovery) {
+        if (typeof proxy.disable_mtu_discovery === 'boolean') {
+            parsedProxy.disable_mtu_discovery = proxy.disable_mtu_discovery;
+        } else {
+            if (proxy.disable_mtu_discovery === 1)
+                parsedProxy.disable_mtu_discovery = true;
+        }
+    }
+    tlsParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    tfoParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+const hysteria2Parser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'hysteria2',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        password: proxy.password,
+        obfs: {},
+        tls: { enabled: true, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy.up) parsedProxy.up_mbps = parseInt(`${proxy.up}`, 10);
+    if (proxy.down) parsedProxy.down_mbps = parseInt(`${proxy.down}`, 10);
+    if (proxy.obfs === 'salamander') parsedProxy.obfs.type = 'salamander';
+    if (proxy['obfs-password'])
+        parsedProxy.obfs.password = proxy['obfs-password'];
+    if (!parsedProxy.obfs.type) delete parsedProxy.obfs;
+    tlsParser(proxy, parsedProxy);
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+const tuic5Parser = (proxy = {}) => {
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'tuic',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        uuid: proxy.uuid,
+        password: proxy.password,
+        tls: { enabled: true, server_name: proxy.server, insecure: false },
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    if (
+        proxy['congestion-controller'] &&
+        proxy['congestion-controller'] !== 'cubic'
+    )
+        parsedProxy.congestion_control = proxy['congestion-controller'];
+    if (proxy['udp-relay-mode'] && proxy['udp-relay-mode'] !== 'native')
+        parsedProxy.udp_relay_mode = proxy['udp-relay-mode'];
+    if (proxy['reduce-rtt']) parsedProxy.zero_rtt_handshake = true;
+    if (proxy['udp-over-stream']) parsedProxy.udp_over_stream = true;
+    if (proxy['heartbeat-interval'])
+        parsedProxy.heartbeat = `${proxy['heartbeat-interval']}ms`;
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    tlsParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+
+const wireguardParser = (proxy = {}) => {
+    const local_address = ['ip', 'ipv6']
+        .map((i) => proxy[i])
+        .map((i) => {
+            if (isIPv4(i)) return `${i}/32`;
+            if (isIPv6(i)) return `${i}/128`;
+        })
+        .filter((i) => i);
+    const parsedProxy = {
+        tag: proxy.name,
+        type: 'wireguard',
+        server: proxy.server,
+        server_port: parseInt(`${proxy.port}`, 10),
+        local_address,
+        private_key: proxy['private-key'],
+        peer_public_key: proxy['public-key'],
+        pre_shared_key: proxy['pre-shared-key'],
+        reserved: [],
+    };
+    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
+        throw 'invalid port';
+    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
+    if (typeof proxy.reserved === 'string') {
+        parsedProxy.reserved = proxy.reserved;
+    } else if (Array.isArray(proxy.reserved)) {
+        for (const r of proxy.reserved) parsedProxy.reserved.push(r);
+    } else {
+        delete parsedProxy.reserved;
+    }
+    if (proxy.peers && proxy.peers.length > 0) {
+        parsedProxy.peers = [];
+        for (const p of proxy.peers) {
+            const peer = {
+                server: p.server,
+                server_port: parseInt(`${p.port}`, 10),
+                public_key: p['public-key'],
+                allowed_ips: p['allowed-ips'] || p.allowed_ips,
+                reserved: [],
+            };
+            if (typeof p.reserved === 'string') {
+                peer.reserved.push(p.reserved);
+            } else if (Array.isArray(p.reserved)) {
+                for (const r of p.reserved) peer.reserved.push(r);
+            } else {
+                delete peer.reserved;
+            }
+            if (p['pre-shared-key']) peer.pre_shared_key = p['pre-shared-key'];
+            parsedProxy.peers.push(peer);
+        }
+    }
+    tfoParser(proxy, parsedProxy);
+    detourParser(proxy, parsedProxy);
+    smuxParser(proxy.smux, parsedProxy);
+    return parsedProxy;
+};
+
+export default function singbox_Producer() {
+    const type = 'ALL';
+    const produce = (proxies, type, opts = {}) => {
+        const list = [];
+        ClashMeta_Producer()
+            .produce(proxies, 'internal', { 'include-unsupported-proxy': true })
+            .map((proxy) => {
+                try {
+                    switch (proxy.type) {
+                        case 'ssh':
+                            list.push(sshParser(proxy));
+                            break;
+                        case 'http':
+                            list.push(httpParser(proxy));
+                            break;
+                        case 'socks5':
+                            if (proxy.tls) {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: ${proxy.type} with tls`,
+                                );
+                            } else {
+                                list.push(socks5Parser(proxy));
+                            }
+                            break;
+                        case 'ss':
+                            // if (!proxy.cipher) {
+                            //     proxy.cipher = 'none';
+                            // }
+                            // if (
+                            //     ![
+                            //         '2022-blake3-aes-128-gcm',
+                            //         '2022-blake3-aes-256-gcm',
+                            //         '2022-blake3-chacha20-poly1305',
+                            //         'aes-128-cfb',
+                            //         'aes-128-ctr',
+                            //         'aes-128-gcm',
+                            //         'aes-192-cfb',
+                            //         'aes-192-ctr',
+                            //         'aes-192-gcm',
+                            //         'aes-256-cfb',
+                            //         'aes-256-ctr',
+                            //         'aes-256-gcm',
+                            //         'chacha20-ietf',
+                            //         'chacha20-ietf-poly1305',
+                            //         'none',
+                            //         'rc4-md5',
+                            //         'xchacha20',
+                            //         'xchacha20-ietf-poly1305',
+                            //     ].includes(proxy.cipher)
+                            // ) {
+                            //     throw new Error(
+                            //         `cipher ${proxy.cipher} is not supported`,
+                            //     );
+                            // }
+                            if (proxy.plugin === 'shadow-tls') {
+                                const { ssPart, stPart } =
+                                    shadowTLSParser(proxy);
+                                list.push(ssPart);
+                                list.push(stPart);
+                            } else {
+                                list.push(ssParser(proxy));
+                            }
+                            break;
+                        case 'ssr':
+                            if (opts['include-unsupported-proxy']) {
+                                list.push(ssrParser(proxy));
+                            } else {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: ${proxy.type}`,
+                                );
+                            }
+                            break;
+                        case 'vmess':
+                            if (
+                                !proxy.network ||
+                                ['ws', 'grpc', 'h2', 'http'].includes(
+                                    proxy.network,
+                                )
+                            ) {
+                                list.push(vmessParser(proxy));
+                            } else {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: ${proxy.type} with network ${proxy.network}`,
+                                );
+                            }
+                            break;
+                        case 'vless':
+                            if (
+                                !proxy.flow ||
+                                ['xtls-rprx-vision'].includes(proxy.flow)
+                            ) {
+                                list.push(vlessParser(proxy));
+                            } else {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: ${proxy.type} with flow ${proxy.flow}`,
+                                );
+                            }
+                            break;
+                        case 'trojan':
+                            if (!proxy.flow) {
+                                list.push(trojanParser(proxy));
+                            } else {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: ${proxy.type} with flow ${proxy.flow}`,
+                                );
+                            }
+                            break;
+                        case 'hysteria':
+                            list.push(hysteriaParser(proxy));
+                            break;
+                        case 'hysteria2':
+                            list.push(hysteria2Parser(proxy));
+                            break;
+                        case 'tuic':
+                            if (!proxy.token || proxy.token.length === 0) {
+                                list.push(tuic5Parser(proxy));
+                            } else {
+                                throw new Error(
+                                    `Platform sing-box does not support proxy type: TUIC v4`,
+                                );
+                            }
+                            break;
+                        case 'wireguard':
+                            list.push(wireguardParser(proxy));
+                            break;
+                        default:
+                            throw new Error(
+                                `Platform sing-box does not support proxy type: ${proxy.type}`,
+                            );
+                    }
+                } catch (e) {
+                    // console.log(e);
+                    $.error(e.message ?? e);
+                }
+            });
+
+        return type === 'internal'
+            ? list
+            : JSON.stringify({ outbounds: list }, null, 2);
+    };
+    return { type, produce };
+}

backend/src/core/proxy-utils/producers/stash.js

@@ -2,241 +2,297 @@ import { isPresent } from '@/core/proxy-utils/producers/utils';
 
 export default function Stash_Producer() {
     const type = 'ALL';
-    const produce = (proxies) => {
+    const produce = (proxies, type, opts = {}) => {
         // https://stash.wiki/proxy-protocols/proxy-types#shadowsocks
-        return (
-            'proxies:\n' +
-            proxies
-                .filter((proxy) => {
-                    if (
+        const list = proxies
+            .filter((proxy) => {
+                if (opts['include-unsupported-proxy']) return true;
+                if (
+                    ![
+                        'ss',
+                        'ssr',
+                        'vmess',
+                        'socks5',
+                        'http',
+                        'snell',
+                        'trojan',
+                        'tuic',
+                        'vless',
+                        'wireguard',
+                        'hysteria',
+                        'hysteria2',
+                        'ssh',
+                        'juicity',
+                    ].includes(proxy.type) ||
+                    (proxy.type === 'ss' &&
                         ![
-                            'ss',
-                            'ssr',
-                            'vmess',
-                            'socks5',
-                            'http',
-                            'snell',
-                            'trojan',
-                            'tuic',
-                            'vless',
-                            'wireguard',
-                            'hysteria',
-                            'hysteria2',
-                        ].includes(proxy.type) ||
-                        (proxy.type === 'ss' &&
-                            ![
-                                'aes-128-gcm',
-                                'aes-192-gcm',
-                                'aes-256-gcm',
-                                'aes-128-cfb',
-                                'aes-192-cfb',
-                                'aes-256-cfb',
-                                'aes-128-ctr',
-                                'aes-192-ctr',
-                                'aes-256-ctr',
-                                'rc4-md5',
-                                'chacha20-ietf',
-                                'xchacha20',
-                                'chacha20-ietf-poly1305',
-                                'xchacha20-ietf-poly1305',
-                            ].includes(proxy.cipher)) ||
-                        (proxy.type === 'snell' &&
-                            String(proxy.version) === '4') ||
-                        (proxy.type === 'vless' && proxy['reality-opts'])
-                    ) {
-                        return false;
+                            'aes-128-gcm',
+                            'aes-192-gcm',
+                            'aes-256-gcm',
+                            'aes-128-cfb',
+                            'aes-192-cfb',
+                            'aes-256-cfb',
+                            'aes-128-ctr',
+                            'aes-192-ctr',
+                            'aes-256-ctr',
+                            'rc4-md5',
+                            'chacha20-ietf',
+                            'xchacha20',
+                            'chacha20-ietf-poly1305',
+                            'xchacha20-ietf-poly1305',
+                        ].includes(proxy.cipher)) ||
+                    (proxy.type === 'snell' && String(proxy.version) === '4') ||
+                    (proxy.type === 'vless' && proxy['reality-opts'])
+                ) {
+                    return false;
+                }
+                return true;
+            })
+            .map((proxy) => {
+                if (proxy.type === 'vmess') {
+                    // handle vmess aead
+                    if (isPresent(proxy, 'aead')) {
+                        if (proxy.aead) {
+                            proxy.alterId = 0;
+                        }
+                        delete proxy.aead;
                     }
-                    return true;
-                })
-                .map((proxy) => {
-                    if (proxy.type === 'vmess') {
-                        // handle vmess aead
-                        if (isPresent(proxy, 'aead')) {
-                            if (proxy.aead) {
-                                proxy.alterId = 0;
-                            }
-                            delete proxy.aead;
-                        }
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
-                        }
-                        // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L400
-                        // https://stash.wiki/proxy-protocols/proxy-types#vmess
-                        if (
-                            isPresent(proxy, 'cipher') &&
-                            ![
-                                'auto',
-                                'aes-128-gcm',
-                                'chacha20-poly1305',
-                                'none',
-                            ].includes(proxy.cipher)
-                        ) {
-                            proxy.cipher = 'auto';
-                        }
-                    } else if (proxy.type === 'tuic') {
-                        if (isPresent(proxy, 'alpn')) {
-                            proxy.alpn = Array.isArray(proxy.alpn)
-                                ? proxy.alpn
-                                : [proxy.alpn];
-                        } else {
-                            proxy.alpn = ['h3'];
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                            delete proxy.tfo;
-                        }
-                        // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/adapter/outbound/tuic.go#L197
-                        if (
-                            (!proxy.token || proxy.token.length === 0) &&
-                            !isPresent(proxy, 'version')
-                        ) {
-                            proxy.version = 5;
-                        }
-                    } else if (proxy.type === 'hysteria') {
-                        // auth_str 将会在未来某个时候删除 但是有的机场不规范
-                        if (
-                            isPresent(proxy, 'auth_str') &&
-                            !isPresent(proxy, 'auth-str')
-                        ) {
-                            proxy['auth-str'] = proxy['auth_str'];
-                        }
-                        if (isPresent(proxy, 'alpn')) {
-                            proxy.alpn = Array.isArray(proxy.alpn)
-                                ? proxy.alpn
-                                : [proxy.alpn];
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                            delete proxy.tfo;
-                        }
-                        if (
-                            isPresent(proxy, 'down') &&
-                            !isPresent(proxy, 'down-speed')
-                        ) {
-                            proxy['down-speed'] = proxy.down;
-                            delete proxy.down;
-                        }
-                        if (
-                            isPresent(proxy, 'up') &&
-                            !isPresent(proxy, 'up-speed')
-                        ) {
-                            proxy['up-speed'] = proxy.up;
-                            delete proxy.up;
-                        }
-                        if (isPresent(proxy, 'down-speed')) {
-                            proxy['down-speed'] =
-                                `${proxy['down-speed']}`.match(/\d+/)?.[0] || 0;
-                        }
-                        if (isPresent(proxy, 'up-speed')) {
-                            proxy['up-speed'] =
-                                `${proxy['up-speed']}`.match(/\d+/)?.[0] || 0;
-                        }
-                    } else if (proxy.type === 'hysteria2') {
-                        if (
-                            isPresent(proxy, 'password') &&
-                            !isPresent(proxy, 'auth')
-                        ) {
-                            proxy.auth = proxy.password;
-                            delete proxy.password;
-                        }
-                        if (
-                            isPresent(proxy, 'tfo') &&
-                            !isPresent(proxy, 'fast-open')
-                        ) {
-                            proxy['fast-open'] = proxy.tfo;
-                            delete proxy.tfo;
-                        }
-                        if (
-                            isPresent(proxy, 'down') &&
-                            !isPresent(proxy, 'down-speed')
-                        ) {
-                            proxy['down-speed'] = proxy.down;
-                            delete proxy.down;
-                        }
-                        if (
-                            isPresent(proxy, 'up') &&
-                            !isPresent(proxy, 'up-speed')
-                        ) {
-                            proxy['up-speed'] = proxy.up;
-                            delete proxy.up;
-                        }
-                        if (isPresent(proxy, 'down-speed')) {
-                            proxy['down-speed'] =
-                                `${proxy['down-speed']}`.match(/\d+/)?.[0] || 0;
-                        }
-                        if (isPresent(proxy, 'up-speed')) {
-                            proxy['up-speed'] =
-                                `${proxy['up-speed']}`.match(/\d+/)?.[0] || 0;
-                        }
-                    } else if (proxy.type === 'wireguard') {
-                        proxy.keepalive =
-                            proxy.keepalive ?? proxy['persistent-keepalive'];
-                        proxy['persistent-keepalive'] = proxy.keepalive;
-                        proxy['preshared-key'] =
-                            proxy['preshared-key'] ?? proxy['pre-shared-key'];
-                        proxy['pre-shared-key'] = proxy['preshared-key'];
-                    } else if (proxy.type === 'vless') {
-                        if (isPresent(proxy, 'sni')) {
-                            proxy.servername = proxy.sni;
-                            delete proxy.sni;
-                        }
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
                     }
-
+                    // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/docs/config.yaml#L400
+                    // https://stash.wiki/proxy-protocols/proxy-types#vmess
                     if (
-                        ['vmess', 'vless'].includes(proxy.type) &&
-                        proxy.network === 'http'
+                        isPresent(proxy, 'cipher') &&
+                        ![
+                            'auto',
+                            'aes-128-gcm',
+                            'chacha20-poly1305',
+                            'none',
+                        ].includes(proxy.cipher)
                     ) {
-                        let httpPath = proxy['http-opts']?.path;
-                        if (
-                            isPresent(proxy, 'http-opts.path') &&
-                            !Array.isArray(httpPath)
-                        ) {
-                            proxy['http-opts'].path = [httpPath];
-                        }
-                        let httpHost = proxy['http-opts']?.headers?.Host;
-                        if (
-                            isPresent(proxy, 'http-opts.headers.Host') &&
-                            !Array.isArray(httpHost)
-                        ) {
-                            proxy['http-opts'].headers.Host = [httpHost];
-                        }
+                        proxy.cipher = 'auto';
+                    }
+                } else if (proxy.type === 'tuic') {
+                    if (isPresent(proxy, 'alpn')) {
+                        proxy.alpn = Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : [proxy.alpn];
+                    } else {
+                        proxy.alpn = ['h3'];
                     }
                     if (
-                        ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                            proxy.type,
-                        )
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
                     ) {
-                        delete proxy.tls;
+                        proxy['fast-open'] = proxy.tfo;
+                        delete proxy.tfo;
                     }
-                    if (proxy['tls-fingerprint']) {
-                        proxy.fingerprint = proxy['tls-fingerprint'];
-                    }
-                    delete proxy['tls-fingerprint'];
-
-                    if (proxy['test-url']) {
-                        proxy['benchmark-url'] = proxy['test-url'];
-                        delete proxy['test-url'];
-                    }
-
-                    delete proxy.subName;
-                    delete proxy.collectionName;
+                    // https://github.com/MetaCubeX/Clash.Meta/blob/Alpha/adapter/outbound/tuic.go#L197
                     if (
-                        ['grpc'].includes(proxy.network) &&
-                        proxy[`${proxy.network}-opts`]
+                        (!proxy.token || proxy.token.length === 0) &&
+                        !isPresent(proxy, 'version')
                     ) {
-                        delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                        proxy.version = 5;
                     }
-                    return '  - ' + JSON.stringify(proxy) + '\n';
-                })
-                .join('')
-        );
+                } else if (proxy.type === 'hysteria') {
+                    // auth_str 将会在未来某个时候删除 但是有的机场不规范
+                    if (
+                        isPresent(proxy, 'auth_str') &&
+                        !isPresent(proxy, 'auth-str')
+                    ) {
+                        proxy['auth-str'] = proxy['auth_str'];
+                    }
+                    if (isPresent(proxy, 'alpn')) {
+                        proxy.alpn = Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : [proxy.alpn];
+                    }
+                    if (
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
+                    ) {
+                        proxy['fast-open'] = proxy.tfo;
+                        delete proxy.tfo;
+                    }
+                    if (
+                        isPresent(proxy, 'down') &&
+                        !isPresent(proxy, 'down-speed')
+                    ) {
+                        proxy['down-speed'] = proxy.down;
+                        delete proxy.down;
+                    }
+                    if (
+                        isPresent(proxy, 'up') &&
+                        !isPresent(proxy, 'up-speed')
+                    ) {
+                        proxy['up-speed'] = proxy.up;
+                        delete proxy.up;
+                    }
+                    if (isPresent(proxy, 'down-speed')) {
+                        proxy['down-speed'] =
+                            `${proxy['down-speed']}`.match(/\d+/)?.[0] || 0;
+                    }
+                    if (isPresent(proxy, 'up-speed')) {
+                        proxy['up-speed'] =
+                            `${proxy['up-speed']}`.match(/\d+/)?.[0] || 0;
+                    }
+                } else if (proxy.type === 'hysteria2') {
+                    if (
+                        isPresent(proxy, 'password') &&
+                        !isPresent(proxy, 'auth')
+                    ) {
+                        proxy.auth = proxy.password;
+                        delete proxy.password;
+                    }
+                    if (
+                        isPresent(proxy, 'tfo') &&
+                        !isPresent(proxy, 'fast-open')
+                    ) {
+                        proxy['fast-open'] = proxy.tfo;
+                        delete proxy.tfo;
+                    }
+                    if (
+                        isPresent(proxy, 'down') &&
+                        !isPresent(proxy, 'down-speed')
+                    ) {
+                        proxy['down-speed'] = proxy.down;
+                        delete proxy.down;
+                    }
+                    if (
+                        isPresent(proxy, 'up') &&
+                        !isPresent(proxy, 'up-speed')
+                    ) {
+                        proxy['up-speed'] = proxy.up;
+                        delete proxy.up;
+                    }
+                    if (isPresent(proxy, 'down-speed')) {
+                        proxy['down-speed'] =
+                            `${proxy['down-speed']}`.match(/\d+/)?.[0] || 0;
+                    }
+                    if (isPresent(proxy, 'up-speed')) {
+                        proxy['up-speed'] =
+                            `${proxy['up-speed']}`.match(/\d+/)?.[0] || 0;
+                    }
+                } else if (proxy.type === 'wireguard') {
+                    proxy.keepalive =
+                        proxy.keepalive ?? proxy['persistent-keepalive'];
+                    proxy['persistent-keepalive'] = proxy.keepalive;
+                    proxy['preshared-key'] =
+                        proxy['preshared-key'] ?? proxy['pre-shared-key'];
+                    proxy['pre-shared-key'] = proxy['preshared-key'];
+                } else if (proxy.type === 'vless') {
+                    if (isPresent(proxy, 'sni')) {
+                        proxy.servername = proxy.sni;
+                        delete proxy.sni;
+                    }
+                }
+
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'http'
+                ) {
+                    let httpPath = proxy['http-opts']?.path;
+                    if (
+                        isPresent(proxy, 'http-opts.path') &&
+                        !Array.isArray(httpPath)
+                    ) {
+                        proxy['http-opts'].path = [httpPath];
+                    }
+                    let httpHost = proxy['http-opts']?.headers?.Host;
+                    if (
+                        isPresent(proxy, 'http-opts.headers.Host') &&
+                        !Array.isArray(httpHost)
+                    ) {
+                        proxy['http-opts'].headers.Host = [httpHost];
+                    }
+                }
+                if (
+                    ['vmess', 'vless'].includes(proxy.type) &&
+                    proxy.network === 'h2'
+                ) {
+                    let path = proxy['h2-opts']?.path;
+                    if (
+                        isPresent(proxy, 'h2-opts.path') &&
+                        Array.isArray(path)
+                    ) {
+                        proxy['h2-opts'].path = path[0];
+                    }
+                    let host = proxy['h2-opts']?.headers?.host;
+                    if (
+                        isPresent(proxy, 'h2-opts.headers.Host') &&
+                        !Array.isArray(host)
+                    ) {
+                        proxy['h2-opts'].headers.host = [host];
+                    }
+                }
+                if (proxy['plugin-opts']?.tls) {
+                    if (isPresent(proxy, 'skip-cert-verify')) {
+                        proxy['plugin-opts']['skip-cert-verify'] =
+                            proxy['skip-cert-verify'];
+                    }
+                }
+                if (
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
+                ) {
+                    delete proxy.tls;
+                }
+                if (proxy['tls-fingerprint']) {
+                    proxy['server-cert-fingerprint'] = proxy['tls-fingerprint'];
+                }
+                delete proxy['tls-fingerprint'];
+
+                if (proxy['underlying-proxy']) {
+                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
+                }
+                delete proxy['underlying-proxy'];
+
+                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
+                    delete proxy.tls;
+                }
+
+                if (proxy['test-url']) {
+                    proxy['benchmark-url'] = proxy['test-url'];
+                    delete proxy['test-url'];
+                }
+                if (proxy['test-timeout']) {
+                    proxy['benchmark-timeout'] = proxy['test-timeout'];
+                    delete proxy['test-timeout'];
+                }
+
+                delete proxy.subName;
+                delete proxy.collectionName;
+                delete proxy.id;
+                delete proxy.resolved;
+                delete proxy['no-resolve'];
+                if (type !== 'internal') {
+                    for (const key in proxy) {
+                        if (proxy[key] == null || /^_/i.test(key)) {
+                            delete proxy[key];
+                        }
+                    }
+                }
+                if (
+                    ['grpc'].includes(proxy.network) &&
+                    proxy[`${proxy.network}-opts`]
+                ) {
+                    delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                }
+                return proxy;
+            });
+        return type === 'internal'
+            ? list
+            : 'proxies:\n' +
+                  list
+                      .map((proxy) => '  - ' + JSON.stringify(proxy) + '\n')
+                      .join('');
     };
     return { type, produce };
 }

backend/src/core/proxy-utils/producers/surfboard.js

@@ -0,0 +1,226 @@
+import { Result, isPresent } from './utils';
+import { isNotBlank } from '@/utils';
+// import $ from '@/core/app';
+
+const targetPlatform = 'Surfboard';
+
+export default function Surfboard_Producer() {
+    const produce = (proxy) => {
+        proxy.name = proxy.name.replace(/=|,/g, '');
+        switch (proxy.type) {
+            case 'ss':
+                return shadowsocks(proxy);
+            case 'trojan':
+                return trojan(proxy);
+            case 'vmess':
+                return vmess(proxy);
+            case 'http':
+                return http(proxy);
+            case 'socks5':
+                return socks5(proxy);
+            case 'wireguard-surge':
+                return wireguard(proxy);
+        }
+        throw new Error(
+            `Platform ${targetPlatform} does not support proxy type: ${proxy.type}`,
+        );
+    };
+    return { produce };
+}
+
+function shadowsocks(proxy) {
+    const result = new Result(proxy);
+    result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
+    if (
+        ![
+            'aes-128-gcm',
+            'aes-192-gcm',
+            'aes-256-gcm',
+            'chacha20-ietf-poly1305',
+            'xchacha20-ietf-poly1305',
+            'rc4',
+            'rc4-md5',
+            'aes-128-cfb',
+            'aes-192-cfb',
+            'aes-256-cfb',
+            'aes-128-ctr',
+            'aes-192-ctr',
+            'aes-256-ctr',
+            'bf-cfb',
+            'camellia-128-cfb',
+            'camellia-192-cfb',
+            'camellia-256-cfb',
+            'salsa20',
+            'chacha20',
+            'chacha20-ietf',
+        ].includes(proxy.cipher)
+    ) {
+        throw new Error(`cipher ${proxy.cipher} is not supported`);
+    }
+    result.append(`,encrypt-method=${proxy.cipher}`);
+    result.appendIfPresent(`,password=${proxy.password}`, 'password');
+
+    // obfs
+    if (isPresent(proxy, 'plugin')) {
+        if (proxy.plugin === 'obfs') {
+            result.append(`,obfs=${proxy['plugin-opts'].mode}`);
+            result.appendIfPresent(
+                `,obfs-host=${proxy['plugin-opts'].host}`,
+                'plugin-opts.host',
+            );
+            result.appendIfPresent(
+                `,obfs-uri=${proxy['plugin-opts'].path}`,
+                'plugin-opts.path',
+            );
+        } else {
+            throw new Error(`plugin ${proxy.plugin} is not supported`);
+        }
+    }
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    return result.toString();
+}
+
+function trojan(proxy) {
+    const result = new Result(proxy);
+    result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,password=${proxy.password}`, 'password');
+
+    // transport
+    handleTransport(result, proxy);
+
+    // tls
+    result.appendIfPresent(`,tls=${proxy.tls}`, 'tls');
+
+    // tls verification
+    result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
+        'skip-cert-verify',
+    );
+
+    // tfo
+    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    return result.toString();
+}
+
+function vmess(proxy) {
+    const result = new Result(proxy);
+    result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,username=${proxy.uuid}`, 'uuid');
+
+    // transport
+    handleTransport(result, proxy);
+
+    // AEAD
+    if (isPresent(proxy, 'aead')) {
+        result.append(`,vmess-aead=${proxy.aead}`);
+    } else {
+        result.append(`,vmess-aead=${proxy.alterId === 0}`);
+    }
+
+    // tls
+    result.appendIfPresent(`,tls=${proxy.tls}`, 'tls');
+
+    // tls verification
+    result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
+        'skip-cert-verify',
+    );
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    return result.toString();
+}
+
+function http(proxy) {
+    const result = new Result(proxy);
+    const type = proxy.tls ? 'https' : 'http';
+    result.append(`${proxy.name}=${type},${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,${proxy.username}`, 'username');
+    result.appendIfPresent(`,${proxy.password}`, 'password');
+
+    // tls verification
+    result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
+        'skip-cert-verify',
+    );
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    return result.toString();
+}
+
+function socks5(proxy) {
+    const result = new Result(proxy);
+    const type = proxy.tls ? 'socks5-tls' : 'socks5';
+    result.append(`${proxy.name}=${type},${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,${proxy.username}`, 'username');
+    result.appendIfPresent(`,${proxy.password}`, 'password');
+
+    // tls verification
+    result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
+        'skip-cert-verify',
+    );
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    return result.toString();
+}
+
+function wireguard(proxy) {
+    const result = new Result(proxy);
+
+    result.append(`${proxy.name}=wireguard`);
+
+    result.appendIfPresent(
+        `,section-name=${proxy['section-name']}`,
+        'section-name',
+    );
+
+    return result.toString();
+}
+
+function handleTransport(result, proxy) {
+    if (isPresent(proxy, 'network')) {
+        if (proxy.network === 'ws') {
+            result.append(`,ws=true`);
+            if (isPresent(proxy, 'ws-opts')) {
+                result.appendIfPresent(
+                    `,ws-path=${proxy['ws-opts'].path}`,
+                    'ws-opts.path',
+                );
+                if (isPresent(proxy, 'ws-opts.headers')) {
+                    const headers = proxy['ws-opts'].headers;
+                    const value = Object.keys(headers)
+                        .map((k) => {
+                            let v = headers[k];
+                            if (['Host'].includes(k)) {
+                                v = `"${v}"`;
+                            }
+                            return `${k}:${v}`;
+                        })
+                        .join('|');
+                    if (isNotBlank(value)) {
+                        result.append(`,ws-headers=${value}`);
+                    }
+                }
+            }
+        } else {
+            throw new Error(`network ${proxy.network} is unsupported`);
+        }
+    }
+}

backend/src/core/proxy-utils/producers/surge.js

@@ -1,5 +1,5 @@
 import { Result, isPresent } from './utils';
-import { isNotBlank } from '@/utils';
+import { isNotBlank, getIfNotBlank } from '@/utils';
 import $ from '@/core/app';
 
 const targetPlatform = 'Surge';
@@ -13,14 +13,18 @@ const ipVersions = {
 };
 
 export default function Surge_Producer() {
-    const produce = (proxy) => {
+    const produce = (proxy, type, opts = {}) => {
+        proxy.name = proxy.name.replace(/=|,/g, '');
+        if (proxy.ports) {
+            proxy.ports = String(proxy.ports);
+        }
         switch (proxy.type) {
             case 'ss':
-                return shadowsocks(proxy);
+                return shadowsocks(proxy, opts['include-unsupported-proxy']);
             case 'trojan':
                 return trojan(proxy);
             case 'vmess':
-                return vmess(proxy);
+                return vmess(proxy, opts['include-unsupported-proxy']);
             case 'http':
                 return http(proxy);
             case 'socks5':
@@ -30,9 +34,15 @@ export default function Surge_Producer() {
             case 'tuic':
                 return tuic(proxy);
             case 'wireguard-surge':
-                return wireguard(proxy);
+                return wireguard_surge(proxy);
             case 'hysteria2':
                 return hysteria2(proxy);
+            case 'ssh':
+                return ssh(proxy);
+        }
+
+        if (opts['include-unsupported-proxy'] && proxy.type === 'wireguard') {
+            return wireguard(proxy);
         }
         throw new Error(
             `Platform ${targetPlatform} does not support proxy type: ${proxy.type}`,
@@ -41,16 +51,52 @@ export default function Surge_Producer() {
     return { produce };
 }
 
-function shadowsocks(proxy) {
+function shadowsocks(proxy, includeUnsupportedProxy) {
     const result = new Result(proxy);
     result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
+    if (!proxy.cipher) {
+        proxy.cipher = 'none';
+    }
+    if (
+        ![
+            'aes-128-gcm',
+            'aes-192-gcm',
+            'aes-256-gcm',
+            'chacha20-ietf-poly1305',
+            'xchacha20-ietf-poly1305',
+            'rc4',
+            'rc4-md5',
+            'aes-128-cfb',
+            'aes-192-cfb',
+            'aes-256-cfb',
+            'aes-128-ctr',
+            'aes-192-ctr',
+            'aes-256-ctr',
+            'bf-cfb',
+            'camellia-128-cfb',
+            'camellia-192-cfb',
+            'camellia-256-cfb',
+            'cast5-cfb',
+            'des-cfb',
+            'idea-cfb',
+            'rc2-cfb',
+            'seed-cfb',
+            'salsa20',
+            'chacha20',
+            'chacha20-ietf',
+            'none',
+            ...(includeUnsupportedProxy
+                ? ['2022-blake3-aes-128-gcm', '2022-blake3-aes-256-gcm']
+                : []),
+        ].includes(proxy.cipher)
+    ) {
+        throw new Error(`cipher ${proxy.cipher} is not supported`);
+    }
     result.append(`,encrypt-method=${proxy.cipher}`);
     result.appendIfPresent(`,password=${proxy.password}`, 'password');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -69,7 +115,7 @@ function shadowsocks(proxy) {
                 `,obfs-uri=${proxy['plugin-opts'].path}`,
                 'plugin-opts.path',
             );
-        } else {
+        } else if (!['shadow-tls'].includes(proxy.plugin)) {
             throw new Error(`plugin ${proxy.plugin} is not supported`);
         }
     }
@@ -79,9 +125,26 @@ function shadowsocks(proxy) {
 
     // udp
     result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+    // udp-port
+    result.appendIfPresent(`,udp-port=${proxy['udp-port']}`, 'udp-port');
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -95,6 +158,24 @@ function shadowsocks(proxy) {
             `,shadow-tls-sni=${proxy['shadow-tls-sni']}`,
             'shadow-tls-sni',
         );
+    } else if (['shadow-tls'].includes(proxy.plugin) && proxy['plugin-opts']) {
+        const password = proxy['plugin-opts'].password;
+        const host = proxy['plugin-opts'].host;
+        const version = proxy['plugin-opts'].version;
+        if (password) {
+            result.append(`,shadow-tls-password=${password}`);
+            if (host) {
+                result.append(`,shadow-tls-sni=${host}`);
+            }
+            if (version) {
+                if (version < 2) {
+                    throw new Error(
+                        `shadow-tls version ${version} is not supported`,
+                    );
+                }
+                result.append(`,shadow-tls-version=${version}`);
+            }
+        }
     }
 
     // block-quic
@@ -114,10 +195,8 @@ function trojan(proxy) {
     result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
     result.appendIfPresent(`,password=${proxy.password}`, 'password');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -151,6 +230,21 @@ function trojan(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -178,15 +272,13 @@ function trojan(proxy) {
     return result.toString();
 }
 
-function vmess(proxy) {
+function vmess(proxy, includeUnsupportedProxy) {
     const result = new Result(proxy);
     result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
     result.appendIfPresent(`,username=${proxy.uuid}`, 'uuid');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -194,7 +286,7 @@ function vmess(proxy) {
     );
 
     // transport
-    handleTransport(result, proxy);
+    handleTransport(result, proxy, includeUnsupportedProxy);
 
     // AEAD
     if (isPresent(proxy, 'aead')) {
@@ -227,6 +319,21 @@ function vmess(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -254,6 +361,71 @@ function vmess(proxy) {
     return result.toString();
 }
 
+function ssh(proxy) {
+    const result = new Result(proxy);
+    result.append(`${proxy.name}=ssh,${proxy.server},${proxy.port}`);
+    result.appendIfPresent(`,${proxy.username}`, 'username');
+    // 所有的类似的字段都有双引号的问题 暂不处理
+    result.appendIfPresent(`,${proxy.password}`, 'password');
+
+    // https://manual.nssurge.com/policy/ssh.html
+    // 需配合 Keystore
+    result.appendIfPresent(
+        `,private-key=${proxy['keystore-private-key']}`,
+        'keystore-private-key',
+    );
+    result.appendIfPresent(
+        `,idle-timeout=${proxy['idle-timeout']}`,
+        'idle-timeout',
+    );
+    result.appendIfPresent(
+        `,server-fingerprint="${proxy['server-fingerprint']}"`,
+        'server-fingerprint',
+    );
+
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
+
+    result.appendIfPresent(
+        `,no-error-alert=${proxy['no-error-alert']}`,
+        'no-error-alert',
+    );
+
+    // tfo
+    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    // test-url
+    result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
+
+    // block-quic
+    result.appendIfPresent(`,block-quic=${proxy['block-quic']}`, 'block-quic');
+
+    // underlying-proxy
+    result.appendIfPresent(
+        `,underlying-proxy=${proxy['underlying-proxy']}`,
+        'underlying-proxy',
+    );
+
+    return result.toString();
+}
 function http(proxy) {
     const result = new Result(proxy);
     const type = proxy.tls ? 'https' : 'http';
@@ -261,10 +433,8 @@ function http(proxy) {
     result.appendIfPresent(`,${proxy.username}`, 'username');
     result.appendIfPresent(`,${proxy.password}`, 'password');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -292,6 +462,21 @@ function http(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -326,10 +511,8 @@ function socks5(proxy) {
     result.appendIfPresent(`,${proxy.username}`, 'username');
     result.appendIfPresent(`,${proxy.password}`, 'password');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -359,6 +542,21 @@ function socks5(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -392,10 +590,8 @@ function snell(proxy) {
     result.appendIfPresent(`,version=${proxy.version}`, 'version');
     result.appendIfPresent(`,psk=${proxy.psk}`, 'psk');
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
@@ -416,11 +612,29 @@ function snell(proxy) {
         'obfs-opts.path',
     );
 
+    // tfo
+    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
     // udp
     result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -469,11 +683,18 @@ function tuic(proxy) {
         'alpn',
     );
 
+    if (isPresent(proxy, 'ports')) {
+        result.append(`,port-hopping="${proxy.ports.replace(/,/g, ';')}"`);
+    }
+
     result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
+        `,port-hopping-interval=${proxy['hop-interval']}`,
+        'hop-interval',
     );
 
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
+
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
         'no-error-alert',
@@ -501,6 +722,21 @@ function tuic(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -531,6 +767,122 @@ function tuic(proxy) {
 }
 
 function wireguard(proxy) {
+    if (Array.isArray(proxy.peers) && proxy.peers.length > 0) {
+        proxy.server = proxy.peers[0].server;
+        proxy.port = proxy.peers[0].port;
+        proxy.ip = proxy.peers[0].ip;
+        proxy.ipv6 = proxy.peers[0].ipv6;
+        proxy['public-key'] = proxy.peers[0]['public-key'];
+        proxy['preshared-key'] = proxy.peers[0]['pre-shared-key'];
+        // https://github.com/MetaCubeX/mihomo/blob/0404e35be8736b695eae018a08debb175c1f96e6/docs/config.yaml#L717
+        proxy['allowed-ips'] = proxy.peers[0]['allowed-ips'];
+        proxy.reserved = proxy.peers[0].reserved;
+    }
+    const result = new Result(proxy);
+
+    result.append(`# > WireGuard Proxy ${proxy.name}
+# ${proxy.name}=wireguard`);
+
+    proxy['section-name'] = getIfNotBlank(proxy['section-name'], proxy.name);
+
+    result.appendIfPresent(
+        `,section-name=${proxy['section-name']}`,
+        'section-name',
+    );
+    result.appendIfPresent(
+        `,no-error-alert=${proxy['no-error-alert']}`,
+        'no-error-alert',
+    );
+
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
+
+    // test-url
+    result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
+
+    // shadow-tls
+    if (isPresent(proxy, 'shadow-tls-password')) {
+        result.append(`,shadow-tls-password=${proxy['shadow-tls-password']}`);
+
+        result.appendIfPresent(
+            `,shadow-tls-version=${proxy['shadow-tls-version']}`,
+            'shadow-tls-version',
+        );
+        result.appendIfPresent(
+            `,shadow-tls-sni=${proxy['shadow-tls-sni']}`,
+            'shadow-tls-sni',
+        );
+    }
+
+    // block-quic
+    result.appendIfPresent(`,block-quic=${proxy['block-quic']}`, 'block-quic');
+
+    // underlying-proxy
+    result.appendIfPresent(
+        `,underlying-proxy=${proxy['underlying-proxy']}`,
+        'underlying-proxy',
+    );
+
+    result.append(`
+# > WireGuard Section ${proxy.name}
+[WireGuard ${proxy['section-name']}]
+private-key = ${proxy['private-key']}`);
+
+    result.appendIfPresent(`\nself-ip = ${proxy.ip}`, 'ip');
+    result.appendIfPresent(`\nself-ip-v6 = ${proxy.ipv6}`, 'ipv6');
+    if (proxy.dns) {
+        if (Array.isArray(proxy.dns)) {
+            proxy.dns = proxy.dns.join(', ');
+        }
+        result.append(`\ndns-server = ${proxy.dns}`);
+    }
+    result.appendIfPresent(`\nmtu = ${proxy.mtu}`, 'mtu');
+
+    if (ip_version === 'prefer-v6') {
+        result.append(`\nprefer-ipv6 = true`);
+    }
+    const allowedIps = Array.isArray(proxy['allowed-ips'])
+        ? proxy['allowed-ips'].join(',')
+        : proxy['allowed-ips'];
+    let reserved = Array.isArray(proxy.reserved)
+        ? proxy.reserved.join('/')
+        : proxy.reserved;
+    let presharedKey = proxy['preshared-key'] ?? proxy['pre-shared-key'];
+    if (presharedKey) {
+        presharedKey = `,preshared-key="${presharedKey}"`;
+    }
+    const peer = {
+        'public-key': proxy['public-key'],
+        'allowed-ips': allowedIps ? `"${allowedIps}"` : undefined,
+        endpoint: `${proxy.server}:${proxy.port}`,
+        keepalive: proxy['persistent-keepalive'] || proxy.keepalive,
+        'client-id': reserved,
+        'preshared-key': presharedKey,
+    };
+    result.append(
+        `\npeer = (${Object.keys(peer)
+            .filter((k) => peer[k] != null)
+            .map((k) => `${k} = ${peer[k]}`)
+            .join(', ')})`,
+    );
+    return result.toString();
+}
+function wireguard_surge(proxy) {
     const result = new Result(proxy);
 
     result.append(`${proxy.name}=wireguard`);
@@ -544,13 +896,26 @@ function wireguard(proxy) {
         'no-error-alert',
     );
 
-    result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
-    );
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -587,11 +952,18 @@ function hysteria2(proxy) {
 
     result.appendIfPresent(`,password=${proxy.password}`, 'password');
 
+    if (isPresent(proxy, 'ports')) {
+        result.append(`,port-hopping="${proxy.ports.replace(/,/g, ';')}"`);
+    }
+
     result.appendIfPresent(
-        `,ip-version=${ipVersions[proxy['ip-version']] || proxy['ip-version']}`,
-        'ip-version',
+        `,port-hopping-interval=${proxy['hop-interval']}`,
+        'hop-interval',
     );
 
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
+
     result.appendIfPresent(
         `,no-error-alert=${proxy['no-error-alert']}`,
         'no-error-alert',
@@ -617,6 +989,21 @@ function hysteria2(proxy) {
 
     // test-url
     result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
 
     // shadow-tls
     if (isPresent(proxy, 'shadow-tls-password')) {
@@ -652,7 +1039,7 @@ function hysteria2(proxy) {
     return result.toString();
 }
 
-function handleTransport(result, proxy) {
+function handleTransport(result, proxy, includeUnsupportedProxy) {
     if (isPresent(proxy, 'network')) {
         if (proxy.network === 'ws') {
             result.append(`,ws=true`);
@@ -678,7 +1065,13 @@ function handleTransport(result, proxy) {
                 }
             }
         } else {
-            throw new Error(`network ${proxy.network} is unsupported`);
+            if (includeUnsupportedProxy && ['http'].includes(proxy.network)) {
+                $.info(
+                    `Include Unsupported Proxy: nework ${proxy.network} -> tcp`,
+                );
+            } else {
+                throw new Error(`network ${proxy.network} is unsupported`);
+            }
         }
     }
 }

backend/src/core/proxy-utils/producers/surgemac.js

@@ -1,65 +1,183 @@
-import { Result } from './utils';
+import { Base64 } from 'js-base64';
+import { Result, isPresent } from './utils';
 import Surge_Producer from './surge';
+import ClashMeta_Producer from './clashmeta';
+import { isIPv4, isIPv6 } from '@/utils';
+import $ from '@/core/app';
 
 const targetPlatform = 'SurgeMac';
 
 const surge_Producer = Surge_Producer();
 
 export default function SurgeMac_Producer() {
-    const produce = (proxy) => {
+    const produce = (proxy, type, opts = {}) => {
         switch (proxy.type) {
-            case 'ssr':
-                return shadowsocksr(proxy);
-            case 'ss':
-                return surge_Producer.produce(proxy);
-            case 'trojan':
-                return surge_Producer.produce(proxy);
-            case 'vmess':
-                return surge_Producer.produce(proxy);
-            case 'http':
-                return surge_Producer.produce(proxy);
-            case 'socks5':
-                return surge_Producer.produce(proxy);
-            case 'snell':
-                return surge_Producer.produce(proxy);
-            case 'tuic':
-                return surge_Producer.produce(proxy);
+            case 'external':
+                return external(proxy);
+            // case 'ssr':
+            //     return shadowsocksr(proxy);
+            default: {
+                try {
+                    return surge_Producer.produce(proxy, type, opts);
+                } catch (e) {
+                    if (opts.useMihomoExternal) {
+                        $.log(
+                            `${proxy.name} is not supported on ${targetPlatform}, try to use Mihomo(SurgeMac - External Proxy Program) instead`,
+                        );
+                        return mihomo(proxy, type, opts);
+                    } else {
+                        throw new Error(
+                            `Surge for macOS 可手动指定链接参数 target=SurgeMac 或在 同步配置 中指定 SurgeMac 来启用 mihomo 支援 Surge 本身不支持的协议`,
+                        );
+                    }
+                }
+            }
         }
-        throw new Error(
-            `Platform ${targetPlatform} does not support proxy type: ${proxy.type}`,
-        );
     };
     return { produce };
 }
-
-function shadowsocksr(proxy) {
+function external(proxy) {
     const result = new Result(proxy);
-
-    proxy.local_port = '__SubStoreLocalPort__';
-    proxy.local_address = proxy.local_address ?? '127.0.0.1';
-
+    if (!proxy.exec || !proxy['local-port']) {
+        throw new Error(`${proxy.type}: exec and local-port are required`);
+    }
     result.append(
-        `${proxy.name} = external, exec = "${
-            proxy.exec || '/usr/local/bin/ssr-local'
-        }", address = "${proxy.server}", local-port = ${proxy.local_port}`,
+        `${proxy.name}=external,exec="${proxy.exec}",local-port=${proxy['local-port']}`,
     );
 
+    if (Array.isArray(proxy.args)) {
+        proxy.args.map((args) => {
+            result.append(`,args="${args}"`);
+        });
+    }
+    if (Array.isArray(proxy.addresses)) {
+        proxy.addresses.map((addresses) => {
+            result.append(`,addresses=${addresses}`);
+        });
+    }
+
+    result.appendIfPresent(
+        `,no-error-alert=${proxy['no-error-alert']}`,
+        'no-error-alert',
+    );
+
+    // tfo
+    if (isPresent(proxy, 'tfo')) {
+        result.append(`,tfo=${proxy['tfo']}`);
+    } else if (isPresent(proxy, 'fast-open')) {
+        result.append(`,tfo=${proxy['fast-open']}`);
+    }
+
+    // test-url
+    result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+
+    // block-quic
+    result.appendIfPresent(`,block-quic=${proxy['block-quic']}`, 'block-quic');
+
+    return result.toString();
+}
+// eslint-disable-next-line no-unused-vars
+function shadowsocksr(proxy) {
+    const external_proxy = {
+        ...proxy,
+        type: 'external',
+        exec: proxy.exec || '/usr/local/bin/ssr-local',
+        'local-port': '__SubStoreLocalPort__',
+        args: [],
+        addresses: [],
+        'local-address':
+            proxy.local_address ?? proxy['local-address'] ?? '127.0.0.1',
+    };
+
+    // https://manual.nssurge.com/policy/external-proxy.html
+    if (isIP(proxy.server)) {
+        external_proxy.addresses.push(proxy.server);
+    } else {
+        $.log(
+            `Platform ${targetPlatform}, proxy type ${proxy.type}: addresses should be an IP address, but got ${proxy.server}`,
+        );
+    }
+
     for (const [key, value] of Object.entries({
         cipher: '-m',
         obfs: '-o',
+        'obfs-param': '-g',
         password: '-k',
         port: '-p',
         protocol: '-O',
         'protocol-param': '-G',
         server: '-s',
-        local_port: '-l',
-        local_address: '-b',
+        'local-port': '-l',
+        'local-address': '-b',
     })) {
-        result.appendIfPresent(
-            `, args = "${value}", args = "${proxy[key]}"`,
-            key,
-        );
+        if (external_proxy[key] != null) {
+            external_proxy.args.push(value);
+            external_proxy.args.push(external_proxy[key]);
+        }
     }
 
-    return result.toString();
+    return external(external_proxy);
+}
+// eslint-disable-next-line no-unused-vars
+function mihomo(proxy, type, opts) {
+    const clashProxy = ClashMeta_Producer().produce([proxy], 'internal')?.[0];
+    if (clashProxy) {
+        const localPort = opts?.localPort || proxy._localPort || 65535;
+        const ipv6 = ['ipv4', 'v4-only'].includes(proxy['ip-version'])
+            ? false
+            : true;
+        const external_proxy = {
+            name: proxy.name,
+            type: 'external',
+            exec: proxy._exec || '/usr/local/bin/mihomo',
+            'local-port': localPort,
+            args: [
+                '-config',
+                Base64.encode(
+                    JSON.stringify({
+                        'mixed-port': localPort,
+                        ipv6,
+                        mode: 'global',
+                        dns: {
+                            enable: true,
+                            ipv6,
+                            nameserver: [
+                                'https://223.6.6.6/dns-query',
+                                'https://120.53.53.53/dns-query',
+                            ],
+                        },
+                        proxies: [
+                            {
+                                ...clashProxy,
+                                name: 'proxy',
+                            },
+                        ],
+                        'proxy-groups': [
+                            {
+                                name: 'GLOBAL',
+                                type: 'select',
+                                proxies: ['proxy'],
+                            },
+                        ],
+                    }),
+                ),
+            ],
+            addresses: [],
+        };
+
+        // https://manual.nssurge.com/policy/external-proxy.html
+        if (isIP(proxy.server)) {
+            external_proxy.addresses.push(proxy.server);
+        } else {
+            $.log(
+                `Platform ${targetPlatform}, proxy type ${proxy.type}: addresses should be an IP address, but got ${proxy.server}`,
+            );
+        }
+        opts.localPort = localPort - 1;
+        return external(external_proxy);
+    }
+}
+
+function isIP(ip) {
+    return isIPv4(ip) || isIPv6(ip);
 }

backend/src/core/proxy-utils/producers/uri.js

@@ -6,6 +6,23 @@ export default function URI_Producer() {
     const type = 'SINGLE';
     const produce = (proxy) => {
         let result = '';
+        delete proxy.subName;
+        delete proxy.collectionName;
+        delete proxy.id;
+        delete proxy.resolved;
+        delete proxy['no-resolve'];
+        for (const key in proxy) {
+            if (proxy[key] == null || /^_/i.test(key)) {
+                delete proxy[key];
+            }
+        }
+        if (
+            ['trojan', 'tuic', 'hysteria', 'hysteria2', 'juicity'].includes(
+                proxy.type,
+            )
+        ) {
+            delete proxy.tls;
+        }
         if (proxy.server && isIPv6(proxy.server)) {
             proxy.server = `[${proxy.server}]`;
         }
@@ -14,7 +31,7 @@ export default function URI_Producer() {
                 const userinfo = `${proxy.cipher}:${proxy.password}`;
                 result = `ss://${Base64.encode(userinfo)}@${proxy.server}:${
                     proxy.port
-                }/`;
+                }${proxy.plugin ? '/' : ''}`;
                 if (proxy.plugin) {
                     result += '?plugin=';
                     const opts = proxy['plugin-opts'];
@@ -39,6 +56,14 @@ export default function URI_Producer() {
                             );
                     }
                 }
+                if (proxy['udp-over-tcp']) {
+                    result = `${result}${proxy.plugin ? '&' : '?'}uot=1`;
+                }
+                if (proxy.tfo) {
+                    result = `${result}${
+                        proxy.plugin || proxy['udp-over-tcp'] ? '&' : '?'
+                    }tfo=1`;
+                }
                 result += `#${encodeURIComponent(proxy.name)}`;
                 break;
             case 'ssr':
@@ -64,6 +89,11 @@ export default function URI_Producer() {
                 if (proxy.network === 'http') {
                     net = 'tcp';
                     type = 'http';
+                } else if (
+                    proxy.network === 'ws' &&
+                    proxy['ws-opts']?.['v2ray-http-upgrade']
+                ) {
+                    net = 'httpupgrade';
                 }
                 result = {
                     v: '2',
@@ -152,9 +182,15 @@ export default function URI_Producer() {
                 if (proxy.flow) {
                     flow = `&flow=${encodeURIComponent(proxy.flow)}`;
                 }
-                let vlessTransport = `&type=${encodeURIComponent(
-                    proxy.network,
-                )}`;
+                let vlessType = proxy.network;
+                if (
+                    proxy.network === 'ws' &&
+                    proxy['ws-opts']?.['v2ray-http-upgrade']
+                ) {
+                    vlessType = 'httpupgrade';
+                }
+
+                let vlessTransport = `&type=${encodeURIComponent(vlessType)}`;
                 if (['grpc'].includes(proxy.network)) {
                     // https://github.com/XTLS/Xray-core/issues/91
                     vlessTransport += `&mode=${encodeURIComponent(
@@ -188,19 +224,53 @@ export default function URI_Producer() {
                         vlessTransportServiceName,
                     )}`;
                 }
+                if (proxy.network === 'kcp') {
+                    if (proxy.seed) {
+                        vlessTransport += `&seed=${encodeURIComponent(
+                            proxy.seed,
+                        )}`;
+                    }
+                    if (proxy.headerType) {
+                        vlessTransport += `&headerType=${encodeURIComponent(
+                            proxy.headerType,
+                        )}`;
+                    }
+                }
 
                 result = `vless://${proxy.uuid}@${proxy.server}:${
                     proxy.port
-                }?${vlessTransport}&security=${encodeURIComponent(
+                }?security=${encodeURIComponent(
                     security,
-                )}${alpn}${allowInsecure}${sni}${fp}${flow}${sid}${pbk}#${encodeURIComponent(
+                )}${vlessTransport}${alpn}${allowInsecure}${sni}${fp}${flow}${sid}${pbk}#${encodeURIComponent(
                     proxy.name,
                 )}`;
                 break;
             case 'trojan':
                 let trojanTransport = '';
                 if (proxy.network) {
-                    trojanTransport = `&type=${proxy.network}`;
+                    let trojanType = proxy.network;
+                    if (
+                        proxy.network === 'ws' &&
+                        proxy['ws-opts']?.['v2ray-http-upgrade']
+                    ) {
+                        trojanType = 'httpupgrade';
+                    }
+                    trojanTransport = `&type=${encodeURIComponent(trojanType)}`;
+                    if (['grpc'].includes(proxy.network)) {
+                        let trojanTransportServiceName =
+                            proxy[`${proxy.network}-opts`]?.[
+                                `${proxy.network}-service-name`
+                            ];
+                        if (trojanTransportServiceName) {
+                            trojanTransport += `&serviceName=${encodeURIComponent(
+                                trojanTransportServiceName,
+                            )}`;
+                        }
+                        trojanTransport += `&mode=${encodeURIComponent(
+                            proxy[`${proxy.network}-opts`]?.['_grpc-type'] ||
+                                'gun',
+                        )}`;
+                    }
                     let trojanTransportPath =
                         proxy[`${proxy.network}-opts`]?.path;
                     let trojanTransportHost =
@@ -248,6 +318,9 @@ export default function URI_Producer() {
                         `sni=${encodeURIComponent(proxy.sni)}`,
                     );
                 }
+                if (proxy.ports) {
+                    hysteria2params.push(`mport=${proxy.ports}`);
+                }
                 if (proxy['tls-fingerprint']) {
                     hysteria2params.push(
                         `pinSHA256=${encodeURIComponent(
@@ -264,6 +337,162 @@ export default function URI_Producer() {
                     '&',
                 )}#${encodeURIComponent(proxy.name)}`;
                 break;
+            case 'hysteria':
+                let hysteriaParams = [];
+                Object.keys(proxy).forEach((key) => {
+                    if (!['name', 'type', 'server', 'port'].includes(key)) {
+                        const i = key.replace(/-/, '_');
+                        if (['alpn'].includes(key)) {
+                            if (proxy[key]) {
+                                hysteriaParams.push(
+                                    `${i}=${encodeURIComponent(
+                                        Array.isArray(proxy[key])
+                                            ? proxy[key][0]
+                                            : proxy[key],
+                                    )}`,
+                                );
+                            }
+                        } else if (['skip-cert-verify'].includes(key)) {
+                            if (proxy[key]) {
+                                hysteriaParams.push(`insecure=1`);
+                            }
+                        } else if (['tfo', 'fast-open'].includes(key)) {
+                            if (
+                                proxy[key] &&
+                                !hysteriaParams.includes('fastopen=1')
+                            ) {
+                                hysteriaParams.push(`fastopen=1`);
+                            }
+                        } else if (['ports'].includes(key)) {
+                            hysteriaParams.push(`mport=${proxy[key]}`);
+                        } else if (['auth-str'].includes(key)) {
+                            hysteriaParams.push(`auth=${proxy[key]}`);
+                        } else if (['up'].includes(key)) {
+                            hysteriaParams.push(`upmbps=${proxy[key]}`);
+                        } else if (['down'].includes(key)) {
+                            hysteriaParams.push(`downmbps=${proxy[key]}`);
+                        } else if (['_obfs'].includes(key)) {
+                            hysteriaParams.push(`obfs=${proxy[key]}`);
+                        } else if (['obfs'].includes(key)) {
+                            hysteriaParams.push(`obfsParam=${proxy[key]}`);
+                        } else if (['sni'].includes(key)) {
+                            hysteriaParams.push(`peer=${proxy[key]}`);
+                        } else if (proxy[key]) {
+                            hysteriaParams.push(
+                                `${i}=${encodeURIComponent(proxy[key])}`,
+                            );
+                        }
+                    }
+                });
+
+                result = `hysteria://${proxy.server}:${
+                    proxy.port
+                }?${hysteriaParams.join('&')}#${encodeURIComponent(
+                    proxy.name,
+                )}`;
+                break;
+
+            case 'tuic':
+                if (!proxy.token || proxy.token.length === 0) {
+                    let tuicParams = [];
+                    Object.keys(proxy).forEach((key) => {
+                        if (
+                            ![
+                                'name',
+                                'type',
+                                'uuid',
+                                'password',
+                                'server',
+                                'port',
+                            ].includes(key)
+                        ) {
+                            const i = key.replace(/-/, '_');
+                            if (['alpn'].includes(key)) {
+                                if (proxy[key]) {
+                                    tuicParams.push(
+                                        `${i}=${encodeURIComponent(
+                                            Array.isArray(proxy[key])
+                                                ? proxy[key][0]
+                                                : proxy[key],
+                                        )}`,
+                                    );
+                                }
+                            } else if (['skip-cert-verify'].includes(key)) {
+                                if (proxy[key]) {
+                                    tuicParams.push(`allow_insecure=1`);
+                                }
+                            } else if (['tfo', 'fast-open'].includes(key)) {
+                                if (
+                                    proxy[key] &&
+                                    !tuicParams.includes('fast_open=1')
+                                ) {
+                                    tuicParams.push(`fast_open=1`);
+                                }
+                            } else if (
+                                ['disable-sni', 'reduce-rtt'].includes(key) &&
+                                proxy[key]
+                            ) {
+                                tuicParams.push(`${i}=1`);
+                            } else if (proxy[key]) {
+                                tuicParams.push(
+                                    `${i}=${encodeURIComponent(proxy[key])}`,
+                                );
+                            }
+                        }
+                    });
+
+                    result = `tuic://${encodeURIComponent(
+                        proxy.uuid,
+                    )}:${encodeURIComponent(proxy.password)}@${proxy.server}:${
+                        proxy.port
+                    }?${tuicParams.join('&')}#${encodeURIComponent(
+                        proxy.name,
+                    )}`;
+                }
+                break;
+            case 'wireguard':
+                let wireguardParams = [];
+
+                Object.keys(proxy).forEach((key) => {
+                    if (
+                        ![
+                            'name',
+                            'type',
+                            'server',
+                            'port',
+                            'ip',
+                            'ipv6',
+                            'private-key',
+                        ].includes(key)
+                    ) {
+                        if (['public-key'].includes(key)) {
+                            wireguardParams.push(`publickey=${proxy[key]}`);
+                        } else if (['udp'].includes(key)) {
+                            if (proxy[key]) {
+                                wireguardParams.push(`${key}=1`);
+                            }
+                        } else if (proxy[key]) {
+                            wireguardParams.push(
+                                `${key}=${encodeURIComponent(proxy[key])}`,
+                            );
+                        }
+                    }
+                });
+                if (proxy.ip && proxy.ipv6) {
+                    wireguardParams.push(
+                        `address=${proxy.ip}/32,${proxy.ipv6}/128`,
+                    );
+                } else if (proxy.ip) {
+                    wireguardParams.push(`address=${proxy.ip}/32`);
+                } else if (proxy.ipv6) {
+                    wireguardParams.push(`address=${proxy.ipv6}/128`);
+                }
+                result = `wireguard://${encodeURIComponent(
+                    proxy['private-key'],
+                )}@${proxy.server}:${proxy.port}/?${wireguardParams.join(
+                    '&',
+                )}#${encodeURIComponent(proxy.name)}`;
+                break;
         }
         return result;
     };

backend/src/core/proxy-utils/producers/v2ray.js

@@ -1,12 +1,30 @@
 /* eslint-disable no-case-declarations */
 import { Base64 } from 'js-base64';
 import URI_Producer from './uri';
+import $ from '@/core/app';
 
 const URI = URI_Producer();
 
 export default function V2Ray_Producer() {
     const type = 'ALL';
-    const produce = (proxies) =>
-        Base64.encode(proxies.map((proxy) => URI.produce(proxy)).join('\n'));
+    const produce = (proxies) => {
+        let result = [];
+        proxies.map((proxy) => {
+            try {
+                result.push(URI.produce(proxy));
+            } catch (err) {
+                $.error(
+                    `Cannot produce proxy: ${JSON.stringify(
+                        proxy,
+                        null,
+                        2,
+                    )}\nReason: ${err}`,
+                );
+            }
+        });
+
+        return Base64.encode(result.join('\n'));
+    };
+
     return { type, produce };
 }

backend/src/core/rule-utils/parsers.js

@@ -9,7 +9,9 @@ const RULE_TYPES_MAPPING = [
     [/^(IN|SRC)-PORT$/, 'IN-PORT'],
     [/^PROTOCOL$/, 'PROTOCOL'],
     [/^IP-CIDR$/i, 'IP-CIDR'],
-    [/^(IP-CIDR6|ip6-cidr|IP6-CIDR)$/],
+    [/^(IP-CIDR6|ip6-cidr|IP6-CIDR)$/, 'IP-CIDR6'],
+    [/^GEOIP$/i, 'GEOIP'],
+    [/^GEOSITE$/i, 'GEOSITE'],
 ];
 
 function AllRuleParser() {
@@ -37,8 +39,7 @@ function AllRuleParser() {
                             content: params[1],
                         };
                         if (
-                            rule.type === 'IP-CIDR' ||
-                            rule.type === 'IP-CIDR6'
+                            ['IP-CIDR', 'IP-CIDR6', 'GEOIP'].includes(rule.type)
                         ) {
                             rule.options = params.slice(2);
                         }

backend/src/core/rule-utils/preprocessors.js

@@ -8,7 +8,7 @@ function HTML() {
 
 function ClashProvider() {
     const name = 'Clash Provider';
-    const test = (raw) => raw.indexOf('payload:') === 0;
+    const test = (raw) => /^payload:/gm.exec(raw).index >= 0;
     const parse = (raw) => {
         return raw.replace('payload:', '').replace(/^\s*-\s*/gm, '');
     };

backend/src/core/rule-utils/producers.js

@@ -1,4 +1,4 @@
-import YAML from 'static-js-yaml';
+import YAML from '@/utils/yaml';
 
 function QXFilter() {
     const type = 'SINGLE';
@@ -10,6 +10,8 @@ function QXFilter() {
             'SRC-IP',
             'IN-PORT',
             'PROTOCOL',
+            'GEOSITE',
+            'GEOIP',
         ];
         if (UNSUPPORTED.indexOf(rule.type) !== -1) return null;
 
@@ -29,9 +31,12 @@ function QXFilter() {
 function SurgeRuleSet() {
     const type = 'SINGLE';
     const func = (rule) => {
+        const UNSUPPORTED = ['GEOSITE', 'GEOIP'];
+        if (UNSUPPORTED.indexOf(rule.type) !== -1) return null;
         let output = `${rule.type},${rule.content}`;
-        if (rule.type === 'IP-CIDR' || rule.type === 'IP-CIDR6') {
-            output += rule.options ? `,${rule.options[0]}` : '';
+        if (['IP-CIDR', 'IP-CIDR6'].includes(rule.type)) {
+            output +=
+                rule.options?.length > 0 ? `,${rule.options.join(',')}` : '';
         }
         return output;
     };
@@ -42,8 +47,14 @@ function LoonRules() {
     const type = 'SINGLE';
     const func = (rule) => {
         // skip unsupported rules
-        const UNSUPPORTED = ['DEST-PORT', 'SRC-IP', 'IN-PORT', 'PROTOCOL'];
+        const UNSUPPORTED = ['SRC-IP', 'GEOSITE', 'GEOIP'];
         if (UNSUPPORTED.indexOf(rule.type) !== -1) return null;
+        if (['IP-CIDR', 'IP-CIDR6'].includes(rule.type) && rule.options) {
+            // Loon only supports the no-resolve option
+            rule.options = rule.options.filter((option) =>
+                ['no-resolve'].includes(option),
+            );
+        }
         return SurgeRuleSet().func(rule);
     };
     return { type, func };
@@ -62,8 +73,17 @@ function ClashRuleProvider() {
                 let output = `${TRANSFORM[rule.type] || rule.type},${
                     rule.content
                 }`;
-                if (rule.type === 'IP-CIDR' || rule.type === 'IP-CIDR6') {
-                    output += rule.options ? `,${rule.options[0]}` : '';
+                if (['IP-CIDR', 'IP-CIDR6', 'GEOIP'].includes(rule.type)) {
+                    if (rule.options) {
+                        // Clash only supports the no-resolve option
+                        rule.options = rule.options.filter((option) =>
+                            ['no-resolve'].includes(option),
+                        );
+                    }
+                    output +=
+                        rule.options?.length > 0
+                            ? `,${rule.options.join(',')}`
+                            : '';
                 }
                 return output;
             }),

backend/src/products/cron-sync-artifacts.js

@@ -1,21 +1,75 @@
 import { version } from '../../package.json';
-import { SETTINGS_KEY, ARTIFACTS_KEY } from '@/constants';
+import {
+    SETTINGS_KEY,
+    ARTIFACTS_KEY,
+    SUBS_KEY,
+    COLLECTIONS_KEY,
+} from '@/constants';
 import $ from '@/core/app';
 import { produceArtifact } from '@/restful/sync';
 import { syncToGist } from '@/restful/artifacts';
+import { findByName } from '@/utils/database';
 
 !(async function () {
-    const settings = $.read(SETTINGS_KEY);
-    // if GitHub token is not configured
-    if (!settings.githubUser || !settings.gistToken) return;
+    let arg;
+    if (typeof $argument != 'undefined') {
+        arg = Object.fromEntries(
+            // eslint-disable-next-line no-undef
+            $argument.split('&').map((item) => item.split('=')),
+        );
+    } else {
+        arg = {};
+    }
+    let sub_names = (arg?.subscription ?? arg?.sub ?? '')
+        .split(/,|，/g)
+        .map((i) => i.trim())
+        .filter((i) => i.length > 0)
+        .map((i) => decodeURIComponent(i));
+    let col_names = (arg?.collection ?? arg?.col ?? '')
+        .split(/,|，/g)
+        .map((i) => i.trim())
+        .filter((i) => i.length > 0)
+        .map((i) => decodeURIComponent(i));
+    if (sub_names.length > 0 || col_names.length > 0) {
+        if (sub_names.length > 0)
+            await produceArtifacts(sub_names, 'subscription');
+        if (col_names.length > 0)
+            await produceArtifacts(col_names, 'collection');
+    } else {
+        const settings = $.read(SETTINGS_KEY);
+        // if GitHub token is not configured
+        if (!settings.githubUser || !settings.gistToken) return;
 
-    const artifacts = $.read(ARTIFACTS_KEY);
-    if (!artifacts || artifacts.length === 0) return;
+        const artifacts = $.read(ARTIFACTS_KEY);
+        if (!artifacts || artifacts.length === 0) return;
 
-    const shouldSync = artifacts.some((artifact) => artifact.sync);
-    if (shouldSync) await doSync();
+        const shouldSync = artifacts.some((artifact) => artifact.sync);
+        if (shouldSync) await doSync();
+    }
 })().finally(() => $.done());
 
+async function produceArtifacts(names, type) {
+    try {
+        if (names.length > 0) {
+            $.info(`produceArtifacts ${type} 开始: ${names.join(', ')}`);
+            await Promise.all(
+                names.map(async (name) => {
+                    try {
+                        await produceArtifact({
+                            type,
+                            name,
+                        });
+                    } catch (e) {
+                        $.error(`${type} ${name} error: ${e.message ?? e}`);
+                    }
+                }),
+            );
+            $.info(`produceArtifacts ${type} 完成: ${names.join(', ')}`);
+        }
+    } catch (e) {
+        $.error(`produceArtifacts error: ${e.message ?? e}`);
+    }
+}
 async function doSync() {
     console.log(
         `
@@ -30,23 +84,94 @@ async function doSync() {
     const files = {};
 
     try {
+        const invalid = [];
+        const allSubs = $.read(SUBS_KEY);
+        const allCols = $.read(COLLECTIONS_KEY);
+        const subNames = [];
+        allArtifacts.map((artifact) => {
+            if (artifact.sync && artifact.source) {
+                if (artifact.type === 'subscription') {
+                    const subName = artifact.source;
+                    const sub = findByName(allSubs, subName);
+                    if (sub && sub.url && !subNames.includes(subName)) {
+                        subNames.push(subName);
+                    }
+                } else if (artifact.type === 'collection') {
+                    const collection = findByName(allCols, artifact.source);
+                    if (collection && Array.isArray(collection.subscriptions)) {
+                        collection.subscriptions.map((subName) => {
+                            const sub = findByName(allSubs, subName);
+                            if (sub && sub.url && !subNames.includes(subName)) {
+                                subNames.push(subName);
+                            }
+                        });
+                    }
+                }
+            }
+        });
+
+        if (subNames.length > 0) {
+            await Promise.all(
+                subNames.map(async (subName) => {
+                    try {
+                        await produceArtifact({
+                            type: 'subscription',
+                            name: subName,
+                            awaitCustomCache: true,
+                        });
+                    } catch (e) {
+                        // $.error(`${e.message ?? e}`);
+                    }
+                }),
+            );
+        }
         await Promise.all(
             allArtifacts.map(async (artifact) => {
-                if (artifact.sync) {
-                    $.info(`正在同步云配置：${artifact.name}...`);
-                    const output = await produceArtifact({
-                        type: artifact.type,
-                        name: artifact.source,
-                        platform: artifact.platform,
-                    });
+                try {
+                    if (artifact.sync && artifact.source) {
+                        $.info(`正在同步云配置：${artifact.name}...`);
 
-                    files[artifact.name] = {
-                        content: output,
-                    };
+                        const useMihomoExternal =
+                            artifact.platform === 'SurgeMac';
+
+                        if (useMihomoExternal) {
+                            $.info(
+                                `手动指定了 target 为 SurgeMac, 将使用 Mihomo External`,
+                            );
+                        }
+                        const output = await produceArtifact({
+                            type: artifact.type,
+                            name: artifact.source,
+                            platform: artifact.platform,
+                            produceOpts: {
+                                'include-unsupported-proxy':
+                                    artifact.includeUnsupportedProxy,
+                                useMihomoExternal,
+                            },
+                        });
+
+                        // if (!output || output.length === 0)
+                        //     throw new Error('该配置的结果为空 不进行上传');
+
+                        files[encodeURIComponent(artifact.name)] = {
+                            content: output,
+                        };
+                    }
+                } catch (e) {
+                    $.error(
+                        `同步配置 ${artifact.name} 发生错误: ${e.message ?? e}`,
+                    );
+                    invalid.push(artifact.name);
                 }
             }),
         );
 
+        if (invalid.length > 0) {
+            throw new Error(
+                `同步配置 ${invalid.join(', ')} 发生错误 详情请查看日志`,
+            );
+        }
+
         const resp = await syncToGist(files);
         const body = JSON.parse(resp.body);
 
@@ -54,17 +179,34 @@ async function doSync() {
             if (artifact.sync) {
                 artifact.updated = new Date().getTime();
                 // extract real url from gist
-                artifact.url = body.files[artifact.name].raw_url.replace(
-                    /\/raw\/[^/]*\/(.*)/,
-                    '/raw/$1',
+                let files = body.files;
+                let isGitLab;
+                if (Array.isArray(files)) {
+                    isGitLab = true;
+                    files = Object.fromEntries(
+                        files.map((item) => [item.path, item]),
+                    );
+                }
+                const raw_url =
+                    files[encodeURIComponent(artifact.name)]?.raw_url;
+                const new_url = isGitLab
+                    ? raw_url
+                    : raw_url?.replace(/\/raw\/[^/]*\/(.*)/, '/raw/$1');
+                $.info(
+                    `上传配置完成\n文件列表: ${Object.keys(files).join(
+                        ', ',
+                    )}\n当前文件: ${encodeURIComponent(
+                        artifact.name,
+                    )}\n响应返回的原始链接: ${raw_url}\n处理完的新链接: ${new_url}`,
                 );
+                artifact.url = new_url;
             }
         }
 
         $.write(allArtifacts, ARTIFACTS_KEY);
         $.notify('🌍 Sub-Store', '全部订阅同步成功！');
-    } catch (err) {
-        $.notify('🌍 Sub-Store', '同步订阅失败', `原因：${err}`);
-        $.error(`无法同步订阅配置到 Gist，原因：${err}`);
+    } catch (e) {
+        $.notify('🌍 Sub-Store', '同步订阅失败', `原因：${e.message ?? e}`);
+        $.error(`无法同步订阅配置到 Gist，原因：${e}`);
     }
 }

backend/src/products/resource-parser.loon.js

@@ -2,28 +2,79 @@
 import { ProxyUtils } from '@/core/proxy-utils';
 import { RuleUtils } from '@/core/rule-utils';
 import { version } from '../../package.json';
+import download from '@/utils/download';
 
-console.log(
-    `
-┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
-     Sub-Store -- v${version}
-┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
-`,
-);
+let result = '';
+let resource = typeof $resource !== 'undefined' ? $resource : '';
+let resourceType = typeof $resourceType !== 'undefined' ? $resourceType : '';
+let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
 
-const RESOURCE_TYPE = {
-    PROXY: 1,
-    RULE: 2,
-};
+!(async () => {
+    console.log(
+        `
+    ┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
+         Sub-Store -- v${version}
+    ┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
+    `,
+    );
 
-let result = $resource;
+    let arg;
+    if (typeof $argument != 'undefined') {
+        arg = Object.fromEntries(
+            $argument.split('&').map((item) => item.split('=')),
+        );
+    } else {
+        arg = {};
+    }
 
-if ($resourceType === RESOURCE_TYPE.PROXY) {
-    const proxies = ProxyUtils.parse($resource);
-    result = ProxyUtils.produce(proxies, 'Loon');
-} else if ($resourceType === RESOURCE_TYPE.RULE) {
-    const rules = RuleUtils.parse($resource);
-    result = RuleUtils.produce(rules, 'Loon');
-}
+    const RESOURCE_TYPE = {
+        PROXY: 1,
+        RULE: 2,
+    };
 
-$done(result);
+    result = resource;
+
+    if (resourceType === RESOURCE_TYPE.PROXY) {
+        try {
+            let proxies = ProxyUtils.parse(resource);
+            result = ProxyUtils.produce(proxies, 'Loon');
+        } catch (e) {
+            console.log('解析器: 使用 resource 出现错误');
+            console.log(e.message ?? e);
+        }
+        if ((!result || /^\s*$/.test(result)) && resourceUrl) {
+            console.log(`解析器: 尝试从 ${resourceUrl} 获取订阅`);
+            try {
+                let raw = await download(resourceUrl, arg?.ua, arg?.timeout);
+                let proxies = ProxyUtils.parse(raw);
+                result = ProxyUtils.produce(proxies, 'Loon');
+            } catch (e) {
+                console.log(e.message ?? e);
+            }
+        }
+    } else if (resourceType === RESOURCE_TYPE.RULE) {
+        try {
+            const rules = RuleUtils.parse(resource);
+            result = RuleUtils.produce(rules, 'Loon');
+        } catch (e) {
+            console.log(e.message ?? e);
+        }
+        if ((!result || /^\s*$/.test(result)) && resourceUrl) {
+            console.log(`解析器: 尝试从 ${resourceUrl} 获取规则`);
+            try {
+                let raw = await download(resourceUrl, arg?.ua, arg?.timeout);
+                let rules = RuleUtils.parse(raw);
+                result = RuleUtils.produce(rules, 'Loon');
+            } catch (e) {
+                console.log(e.message ?? e);
+            }
+        }
+    }
+})()
+    .catch(async (e) => {
+        console.log('解析器: 出现错误');
+        console.log(e.message ?? e);
+    })
+    .finally(() => {
+        $done(result || '');
+    });

backend/src/restful/artifacts.js

@@ -19,6 +19,8 @@ export default function register($app) {
     if (!$.read(ARTIFACTS_KEY)) $.write({}, ARTIFACTS_KEY);
 
     // RESTful APIs
+    $app.get('/api/artifacts/restore', restoreArtifacts);
+
     $app.route('/api/artifacts')
         .get(getAllArtifacts)
         .post(createArtifact)
@@ -30,6 +32,73 @@ export default function register($app) {
         .delete(deleteArtifact);
 }
 
+async function restoreArtifacts(_, res) {
+    $.info('开始恢复远程配置...');
+    try {
+        const { gistToken, syncPlatform } = $.read(SETTINGS_KEY);
+        if (!gistToken) {
+            return Promise.reject('未设置 GitHub Token！');
+        }
+        const manager = new Gist({
+            token: gistToken,
+            key: ARTIFACT_REPOSITORY_KEY,
+            syncPlatform,
+        });
+
+        try {
+            const gist = await manager.locate();
+            if (!gist?.files) {
+                throw new Error(`找不到 Sub-Store Gist 文件列表`);
+            }
+            const allArtifacts = $.read(ARTIFACTS_KEY);
+            const failed = [];
+            Object.keys(gist.files).map((key) => {
+                const filename = gist.files[key]?.filename;
+                if (filename) {
+                    if (encodeURIComponent(filename) !== filename) {
+                        $.error(`文件名 ${filename} 未编码 不保存`);
+                        failed.push(filename);
+                    } else {
+                        const artifact = findByName(allArtifacts, filename);
+                        if (artifact) {
+                            updateByName(allArtifacts, filename, {
+                                ...artifact,
+                                url: gist.files[key]?.raw_url.replace(
+                                    /\/raw\/[^/]*\/(.*)/,
+                                    '/raw/$1',
+                                ),
+                            });
+                        } else {
+                            allArtifacts.push({
+                                name: `${filename}`,
+                                url: gist.files[key]?.raw_url.replace(
+                                    /\/raw\/[^/]*\/(.*)/,
+                                    '/raw/$1',
+                                ),
+                            });
+                        }
+                    }
+                }
+            });
+            $.write(allArtifacts, ARTIFACTS_KEY);
+        } catch (err) {
+            $.error(`查找 Sub-Store Gist 时发生错误: ${err.message ?? err}`);
+            throw err;
+        }
+        success(res);
+    } catch (e) {
+        $.error(`恢复远程配置失败，原因：${e.message ?? e}`);
+        failed(
+            res,
+            new InternalServerError(
+                `FAILED_TO_RESTORE_ARTIFACTS`,
+                `Failed to restore artifacts`,
+                `Reason: ${e.message ?? e}`,
+            ),
+        );
+    }
+}
+
 function getAllArtifacts(req, res) {
     const allArtifacts = $.read(ARTIFACTS_KEY);
     success(res, allArtifacts);
@@ -140,6 +209,12 @@ async function deleteArtifact(req, res) {
             files[encodeURIComponent(artifact.name)] = {
                 content: '',
             };
+            if (encodeURIComponent(artifact.name) !== artifact.name) {
+                files[artifact.name] = {
+                    content: '',
+                };
+            }
+
             // 当别的Sub 删了同步订阅 或 gist里面删了 当前设备没有删除 时 无法删除的bug
             try {
                 await syncToGist(files);
@@ -169,15 +244,34 @@ function validateArtifactName(name) {
 }
 
 async function syncToGist(files) {
-    const { gistToken } = $.read(SETTINGS_KEY);
+    const { gistToken, syncPlatform } = $.read(SETTINGS_KEY);
     if (!gistToken) {
-        return Promise.reject('未设置Gist Token！');
+        return Promise.reject('未设置 GitHub Token！');
     }
     const manager = new Gist({
         token: gistToken,
         key: ARTIFACT_REPOSITORY_KEY,
+        syncPlatform,
     });
-    return manager.upload(files);
+    const res = await manager.upload(files);
+    let body = {};
+    try {
+        body = JSON.parse(res.body);
+        // eslint-disable-next-line no-empty
+    } catch (e) {}
+
+    const url = body?.html_url ?? body?.web_url;
+    const settings = $.read(SETTINGS_KEY);
+    if (url) {
+        $.log(`同步 Gist 后, 找到 Sub-Store Gist: ${url}`);
+        settings.artifactStore = url;
+        settings.artifactStoreStatus = 'VALID';
+    } else {
+        $.error(`同步 Gist 后, 找不到 Sub-Store Gist`);
+        settings.artifactStoreStatus = 'NOT FOUND';
+    }
+    $.write(settings, SETTINGS_KEY);
+    return res;
 }
 
 export { syncToGist };

backend/src/restful/download.js

@@ -1,4 +1,5 @@
-import { getPlatformFromHeaders } from '@/utils/platform';
+import { getPlatformFromHeaders } from '@/utils/user-agent';
+import { ProxyUtils } from '@/core/proxy-utils';
 import { COLLECTIONS_KEY, SUBS_KEY } from '@/constants';
 import { findByName } from '@/utils/database';
 import { getFlowHeaders } from '@/utils/flow';
@@ -6,25 +7,98 @@ import $ from '@/core/app';
 import { failed } from '@/restful/response';
 import { InternalServerError, ResourceNotFoundError } from '@/restful/errors';
 import { produceArtifact } from '@/restful/sync';
+// eslint-disable-next-line no-unused-vars
+import { isIPv4, isIPv6 } from '@/utils';
+import { getISO } from '@/utils/geo';
+import env from '@/utils/env';
 
 export default function register($app) {
     $app.get('/download/collection/:name', downloadCollection);
     $app.get('/download/:name', downloadSubscription);
+    $app.get(
+        '/download/collection/:name/api/v1/server/details',
+        async (req, res) => {
+            req.query.platform = 'JSON';
+            req.query.produceType = 'internal';
+            req.query.resultFormat = 'nezha';
+            await downloadCollection(req, res);
+        },
+    );
+    $app.get('/download/:name/api/v1/server/details', async (req, res) => {
+        req.query.platform = 'JSON';
+        req.query.produceType = 'internal';
+        req.query.resultFormat = 'nezha';
+        await downloadSubscription(req, res);
+    });
+    $app.get(
+        '/download/collection/:name/api/v1/monitor/:nezhaIndex',
+        async (req, res) => {
+            req.query.platform = 'JSON';
+            req.query.produceType = 'internal';
+            req.query.resultFormat = 'nezha-monitor';
+            await downloadCollection(req, res);
+        },
+    );
+    $app.get('/download/:name/api/v1/monitor/:nezhaIndex', async (req, res) => {
+        req.query.platform = 'JSON';
+        req.query.produceType = 'internal';
+        req.query.resultFormat = 'nezha-monitor';
+        await downloadSubscription(req, res);
+    });
 }
 
 async function downloadSubscription(req, res) {
-    let { name } = req.params;
+    let { name, nezhaIndex } = req.params;
     name = decodeURIComponent(name);
+    nezhaIndex = decodeURIComponent(nezhaIndex);
+
+    const useMihomoExternal = req.query.target === 'SurgeMac';
 
     const platform =
         req.query.target || getPlatformFromHeaders(req.headers) || 'JSON';
 
-    $.info(`正在下载订阅：${name}`);
-    let { url, ua, content, mergeSources, ignoreFailedRemoteSub } = req.query;
+    $.info(
+        `正在下载订阅：${name}\n请求 User-Agent: ${
+            req.headers['user-agent'] || req.headers['User-Agent']
+        }`,
+    );
+    let {
+        url,
+        ua,
+        content,
+        mergeSources,
+        ignoreFailedRemoteSub,
+        produceType,
+        includeUnsupportedProxy,
+        resultFormat,
+        proxy,
+    } = req.query;
+    let $options = {};
+    if (req.query.$options) {
+        try {
+            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+            $options = JSON.parse(decodeURIComponent(req.query.$options));
+        } catch (e) {
+            for (const pair of req.query.$options.split('&')) {
+                const key = pair.split('=')[0];
+                const value = pair.split('=')[1];
+                // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                $options[key] =
+                    value == null || value === ''
+                        ? true
+                        : decodeURIComponent(value);
+            }
+        }
+        $.info(`传入 $options: ${JSON.stringify($options)}`);
+    }
     if (url) {
         url = decodeURIComponent(url);
         $.info(`指定远程订阅 URL: ${url}`);
     }
+    if (proxy) {
+        proxy = decodeURIComponent(proxy);
+        $.info(`指定远程订阅使用代理/策略 proxy: ${proxy}`);
+    }
     if (ua) {
         ua = decodeURIComponent(ua);
         $.info(`指定远程订阅 User-Agent: ${ua}`);
@@ -41,12 +115,24 @@ async function downloadSubscription(req, res) {
         ignoreFailedRemoteSub = decodeURIComponent(ignoreFailedRemoteSub);
         $.info(`指定忽略失败的远程订阅: ${ignoreFailedRemoteSub}`);
     }
+    if (produceType) {
+        produceType = decodeURIComponent(produceType);
+        $.info(`指定生产类型: ${produceType}`);
+    }
+    if (includeUnsupportedProxy) {
+        includeUnsupportedProxy = decodeURIComponent(includeUnsupportedProxy);
+        $.info(`包含不支持的节点: ${includeUnsupportedProxy}`);
+    }
+
+    if (useMihomoExternal) {
+        $.info(`手动指定了 target 为 SurgeMac, 将使用 Mihomo External`);
+    }
 
     const allSubs = $.read(SUBS_KEY);
     const sub = findByName(allSubs, name);
     if (sub) {
         try {
-            const output = await produceArtifact({
+            let output = await produceArtifact({
                 type: 'subscription',
                 name,
                 platform,
@@ -55,14 +141,59 @@ async function downloadSubscription(req, res) {
                 content,
                 mergeSources,
                 ignoreFailedRemoteSub,
+                produceType,
+                produceOpts: {
+                    'include-unsupported-proxy': includeUnsupportedProxy,
+                    useMihomoExternal,
+                },
+                $options,
+                proxy,
             });
 
-            if (sub.source !== 'local' || url) {
+            if (
+                sub.source !== 'local' ||
+                ['localFirst', 'remoteFirst'].includes(sub.mergeSources)
+            ) {
                 try {
-                    // forward flow headers
-                    const flowInfo = await getFlowHeaders(url || sub.url);
-                    if (flowInfo) {
-                        res.set('subscription-userinfo', flowInfo);
+                    url =
+                        `${url || sub.url}`
+                            .split(/[\r\n]+/)
+                            .map((i) => i.trim())
+                            .filter((i) => i.length)?.[0] || '';
+
+                    let $arguments = {};
+                    const rawArgs = url.split('#');
+                    url = url.split('#')[0];
+                    if (rawArgs.length > 1) {
+                        try {
+                            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+                            $arguments = JSON.parse(
+                                decodeURIComponent(rawArgs[1]),
+                            );
+                        } catch (e) {
+                            for (const pair of rawArgs[1].split('&')) {
+                                const key = pair.split('=')[0];
+                                const value = pair.split('=')[1];
+                                // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                                $arguments[key] =
+                                    value == null || value === ''
+                                        ? true
+                                        : decodeURIComponent(value);
+                            }
+                        }
+                    }
+                    if (!$arguments.noFlow) {
+                        // forward flow headers
+                        const flowInfo = await getFlowHeaders(
+                            $arguments?.insecure ? `${url}#insecure` : url,
+                            $arguments.flowUserAgent,
+                            undefined,
+                            proxy || sub.proxy,
+                            $arguments.flowUrl,
+                        );
+                        if (flowInfo) {
+                            res.set('subscription-userinfo', flowInfo);
+                        }
                     }
                 } catch (err) {
                     $.error(
@@ -72,8 +203,23 @@ async function downloadSubscription(req, res) {
                     );
                 }
             }
+            if (sub.subUserinfo) {
+                res.set('subscription-userinfo', sub.subUserinfo);
+            }
 
             if (platform === 'JSON') {
+                if (resultFormat === 'nezha') {
+                    output = nezhaTransform(output);
+                } else if (resultFormat === 'nezha-monitor') {
+                    nezhaIndex = /^\d+$/.test(nezhaIndex)
+                        ? parseInt(nezhaIndex, 10)
+                        : output.findIndex((i) => i.name === nezhaIndex);
+                    output = await nezhaMonitor(
+                        output[nezhaIndex],
+                        nezhaIndex,
+                        req.query,
+                    );
+                }
                 res.set('Content-Type', 'application/json;charset=utf-8').send(
                     output,
                 );
@@ -110,8 +256,11 @@ async function downloadSubscription(req, res) {
 }
 
 async function downloadCollection(req, res) {
-    let { name } = req.params;
+    let { name, nezhaIndex } = req.params;
     name = decodeURIComponent(name);
+    nezhaIndex = decodeURIComponent(nezhaIndex);
+
+    const useMihomoExternal = req.query.target === 'SurgeMac';
 
     const platform =
         req.query.target || getPlatformFromHeaders(req.headers) || 'JSON';
@@ -119,22 +268,75 @@ async function downloadCollection(req, res) {
     const allCols = $.read(COLLECTIONS_KEY);
     const collection = findByName(allCols, name);
 
-    $.info(`正在下载组合订阅：${name}`);
+    $.info(
+        `正在下载组合订阅：${name}\n请求 User-Agent: ${
+            req.headers['user-agent'] || req.headers['User-Agent']
+        }`,
+    );
 
-    let { ignoreFailedRemoteSub } = req.query;
+    let {
+        ignoreFailedRemoteSub,
+        produceType,
+        includeUnsupportedProxy,
+        resultFormat,
+        proxy,
+    } = req.query;
+
+    let $options = {};
+    if (req.query.$options) {
+        try {
+            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+            $options = JSON.parse(decodeURIComponent(req.query.$options));
+        } catch (e) {
+            for (const pair of req.query.$options.split('&')) {
+                const key = pair.split('=')[0];
+                const value = pair.split('=')[1];
+                // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                $options[key] =
+                    value == null || value === ''
+                        ? true
+                        : decodeURIComponent(value);
+            }
+        }
+        $.info(`传入 $options: ${JSON.stringify($options)}`);
+    }
+
+    if (proxy) {
+        proxy = decodeURIComponent(proxy);
+        $.info(`指定远程订阅使用代理/策略 proxy: ${proxy}`);
+    }
 
     if (ignoreFailedRemoteSub != null && ignoreFailedRemoteSub !== '') {
         ignoreFailedRemoteSub = decodeURIComponent(ignoreFailedRemoteSub);
         $.info(`指定忽略失败的远程订阅: ${ignoreFailedRemoteSub}`);
     }
+    if (produceType) {
+        produceType = decodeURIComponent(produceType);
+        $.info(`指定生产类型: ${produceType}`);
+    }
+
+    if (includeUnsupportedProxy) {
+        includeUnsupportedProxy = decodeURIComponent(includeUnsupportedProxy);
+        $.info(`包含不支持的节点: ${includeUnsupportedProxy}`);
+    }
+    if (useMihomoExternal) {
+        $.info(`手动指定了 target 为 SurgeMac, 将使用 Mihomo External`);
+    }
 
     if (collection) {
         try {
-            const output = await produceArtifact({
+            let output = await produceArtifact({
                 type: 'collection',
                 name,
                 platform,
                 ignoreFailedRemoteSub,
+                produceType,
+                produceOpts: {
+                    'include-unsupported-proxy': includeUnsupportedProxy,
+                    useMihomoExternal,
+                },
+                $options,
+                proxy,
             });
 
             // forward flow header from the first subscription in this collection
@@ -142,11 +344,49 @@ async function downloadCollection(req, res) {
             const subnames = collection.subscriptions;
             if (subnames.length > 0) {
                 const sub = findByName(allSubs, subnames[0]);
-                if (sub.source !== 'local') {
+                if (
+                    sub.source !== 'local' ||
+                    ['localFirst', 'remoteFirst'].includes(sub.mergeSources)
+                ) {
                     try {
-                        const flowInfo = await getFlowHeaders(sub.url);
-                        if (flowInfo) {
-                            res.set('subscription-userinfo', flowInfo);
+                        let url =
+                            `${sub.url}`
+                                .split(/[\r\n]+/)
+                                .map((i) => i.trim())
+                                .filter((i) => i.length)?.[0] || '';
+
+                        let $arguments = {};
+                        const rawArgs = url.split('#');
+                        url = url.split('#')[0];
+                        if (rawArgs.length > 1) {
+                            try {
+                                // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+                                $arguments = JSON.parse(
+                                    decodeURIComponent(rawArgs[1]),
+                                );
+                            } catch (e) {
+                                for (const pair of rawArgs[1].split('&')) {
+                                    const key = pair.split('=')[0];
+                                    const value = pair.split('=')[1];
+                                    // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                                    $arguments[key] =
+                                        value == null || value === ''
+                                            ? true
+                                            : decodeURIComponent(value);
+                                }
+                            }
+                        }
+                        if (!$arguments.noFlow) {
+                            const flowInfo = await getFlowHeaders(
+                                $arguments?.insecure ? `${url}#insecure` : url,
+                                $arguments.flowUserAgent,
+                                undefined,
+                                proxy || sub.proxy || collection.proxy,
+                                $arguments.flowUrl,
+                            );
+                            if (flowInfo) {
+                                res.set('subscription-userinfo', flowInfo);
+                            }
                         }
                     } catch (err) {
                         $.error(
@@ -156,9 +396,24 @@ async function downloadCollection(req, res) {
                         );
                     }
                 }
+                if (sub.subUserinfo) {
+                    res.set('subscription-userinfo', sub.subUserinfo);
+                }
             }
 
             if (platform === 'JSON') {
+                if (resultFormat === 'nezha') {
+                    output = nezhaTransform(output);
+                } else if (resultFormat === 'nezha-monitor') {
+                    nezhaIndex = /^\d+$/.test(nezhaIndex)
+                        ? parseInt(nezhaIndex, 10)
+                        : output.findIndex((i) => i.name === nezhaIndex);
+                    output = await nezhaMonitor(
+                        output[nezhaIndex],
+                        nezhaIndex,
+                        req.query,
+                    );
+                }
                 res.set('Content-Type', 'application/json;charset=utf-8').send(
                     output,
                 );
@@ -195,3 +450,149 @@ async function downloadCollection(req, res) {
         );
     }
 }
+
+async function nezhaMonitor(proxy, index, query) {
+    const result = {
+        code: 0,
+        message: 'success',
+        result: [],
+    };
+
+    try {
+        const { isLoon, isSurge } = $.env;
+        if (!isLoon && !isSurge)
+            throw new Error('仅支持 Loon 和 Surge(ability=http-client-policy)');
+        const node = ProxyUtils.produce([proxy], isLoon ? 'Loon' : 'Surge');
+        if (!node) throw new Error('当前客户端不兼容此节点');
+        const monitors = proxy._monitors || [
+            {
+                name: 'Cloudflare',
+                url: 'http://cp.cloudflare.com/generate_204',
+                method: 'HEAD',
+                number: 3,
+                timeout: 2000,
+            },
+            {
+                name: 'Google',
+                url: 'http://www.google.com/generate_204',
+                method: 'HEAD',
+                number: 3,
+                timeout: 2000,
+            },
+        ];
+        const number =
+            query.number || Math.max(...monitors.map((i) => i.number)) || 3;
+        for (const monitor of monitors) {
+            const interval = 10 * 60 * 1000;
+            const data = {
+                monitor_id: monitors.indexOf(monitor),
+                server_id: index,
+                monitor_name: monitor.name,
+                server_name: proxy.name,
+                created_at: [],
+                avg_delay: [],
+            };
+            for (let index = 0; index < number; index++) {
+                const startedAt = Date.now();
+                try {
+                    await $.http[(monitor.method || 'HEAD').toLowerCase()]({
+                        timeout: monitor.timeout || 2000,
+                        url: monitor.url,
+                        'policy-descriptor': node,
+                        node,
+                    });
+                    const latency = Date.now() - startedAt;
+                    $.info(`${monitor.name} latency: ${latency}`);
+                    data.avg_delay.push(latency);
+                } catch (e) {
+                    $.error(e);
+                    data.avg_delay.push(0);
+                }
+
+                data.created_at.push(
+                    Date.now() - interval * (monitor.number - index - 1),
+                );
+            }
+
+            result.result.push(data);
+        }
+    } catch (e) {
+        $.error(e);
+        result.result.push({
+            monitor_id: 0,
+            server_id: 0,
+            monitor_name: `❌ ${e.message ?? e}`,
+            server_name: proxy.name,
+            created_at: [Date.now()],
+            avg_delay: [0],
+        });
+    }
+
+    return JSON.stringify(result, null, 2);
+}
+function nezhaTransform(output) {
+    const result = {
+        code: 0,
+        message: 'success',
+        result: [],
+    };
+    output.map((proxy, index) => {
+        // 如果节点上有数据 就取节点上的数据
+        let CountryCode = proxy._geo?.countryCode || proxy._geo?.country;
+        // 简单判断下
+        if (!/^[a-z]{2}$/i.test(CountryCode)) {
+            CountryCode = getISO(proxy.name);
+        }
+        // 简单判断下
+        if (/^[a-z]{2}$/i.test(CountryCode)) {
+            // 如果节点上有数据 就取节点上的数据
+            let now = Math.round(new Date().getTime() / 1000);
+            let time = proxy._unavailable ? 0 : now;
+
+            const uptime = parseInt(proxy._uptime || 0, 10);
+
+            result.result.push({
+                id: index,
+                name: proxy.name,
+                tag: `${proxy._tag ?? ''}`,
+                last_active: time,
+                // 暂时不用处理 现在 VPings App 端的接口支持域名查询
+                // 其他场景使用 自己在 Sub-Store 加一步域名解析
+                valid_ip: proxy._IP || proxy.server,
+                ipv4: proxy._IPv4 || proxy.server,
+                ipv6: proxy._IPv6 || (isIPv6(proxy.server) ? proxy.server : ''),
+                host: {
+                    Platform: 'Sub-Store',
+                    PlatformVersion: env.version,
+                    CPU: [],
+                    MemTotal: 1024,
+                    DiskTotal: 1024,
+                    SwapTotal: 1024,
+                    Arch: '',
+                    Virtualization: '',
+                    BootTime: now - uptime,
+                    CountryCode, // 目前需要
+                    Version: '0.0.1',
+                },
+                status: {
+                    CPU: 0,
+                    MemUsed: 0,
+                    SwapUsed: 0,
+                    DiskUsed: 0,
+                    NetInTransfer: 0,
+                    NetOutTransfer: 0,
+                    NetInSpeed: 0,
+                    NetOutSpeed: 0,
+                    Uptime: uptime,
+                    Load1: 0,
+                    Load5: 0,
+                    Load15: 0,
+                    TcpConnCount: 0,
+                    UdpConnCount: 0,
+                    ProcessCount: 0,
+                },
+            });
+        }
+    });
+    return JSON.stringify(result, null, 2);
+}

backend/src/restful/file.js

@@ -1,8 +1,14 @@
 import { deleteByName, findByName, updateByName } from '@/utils/database';
+import { getFlowHeaders } from '@/utils/flow';
 import { FILES_KEY } from '@/constants';
 import { failed, success } from '@/restful/response';
 import $ from '@/core/app';
-import { RequestInvalidError, ResourceNotFoundError } from '@/restful/errors';
+import {
+    RequestInvalidError,
+    ResourceNotFoundError,
+    InternalServerError,
+} from '@/restful/errors';
+import { produceArtifact } from '@/restful/sync';
 
 export default function register($app) {
     if (!$.read(FILES_KEY)) $.write([], FILES_KEY);
@@ -12,7 +18,10 @@ export default function register($app) {
         .patch(updateFile)
         .delete(deleteFile);
 
+    $app.route('/api/wholeFile/:name').get(getWholeFile);
+
     $app.route('/api/files').get(getAllFiles).post(createFile).put(replaceFile);
+    $app.route('/api/wholeFiles').get(getAllWholeFiles);
 }
 
 // file API
@@ -37,13 +46,155 @@ function createFile(req, res) {
     success(res, file, 201);
 }
 
-function getFile(req, res) {
+async function getFile(req, res) {
+    let { name } = req.params;
+    name = decodeURIComponent(name);
+
+    $.info(`正在下载文件：${name}`);
+    let {
+        url,
+        subInfoUrl,
+        subInfoUserAgent,
+        ua,
+        content,
+        mergeSources,
+        ignoreFailedRemoteFile,
+        proxy,
+    } = req.query;
+    let $options = {};
+    if (req.query.$options) {
+        try {
+            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+            $options = JSON.parse(decodeURIComponent(req.query.$options));
+        } catch (e) {
+            for (const pair of req.query.$options.split('&')) {
+                const key = pair.split('=')[0];
+                const value = pair.split('=')[1];
+                // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                $options[key] =
+                    value == null || value === ''
+                        ? true
+                        : decodeURIComponent(value);
+            }
+        }
+        $.info(`传入 $options: ${JSON.stringify($options)}`);
+    }
+    if (url) {
+        url = decodeURIComponent(url);
+        $.info(`指定远程文件 URL: ${url}`);
+    }
+    if (proxy) {
+        proxy = decodeURIComponent(proxy);
+        $.info(`指定远程订阅使用代理/策略 proxy: ${proxy}`);
+    }
+    if (ua) {
+        ua = decodeURIComponent(ua);
+        $.info(`指定远程文件 User-Agent: ${ua}`);
+    }
+    if (subInfoUrl) {
+        subInfoUrl = decodeURIComponent(subInfoUrl);
+        $.info(`指定获取流量的 subInfoUrl: ${subInfoUrl}`);
+    }
+    if (subInfoUserAgent) {
+        subInfoUserAgent = decodeURIComponent(subInfoUserAgent);
+        $.info(`指定获取流量的 subInfoUserAgent: ${subInfoUserAgent}`);
+    }
+    if (content) {
+        content = decodeURIComponent(content);
+        $.info(`指定本地文件: ${content}`);
+    }
+    if (mergeSources) {
+        mergeSources = decodeURIComponent(mergeSources);
+        $.info(`指定合并来源: ${mergeSources}`);
+    }
+    if (ignoreFailedRemoteFile != null && ignoreFailedRemoteFile !== '') {
+        ignoreFailedRemoteFile = decodeURIComponent(ignoreFailedRemoteFile);
+        $.info(`指定忽略失败的远程文件: ${ignoreFailedRemoteFile}`);
+    }
+
+    const allFiles = $.read(FILES_KEY);
+    const file = findByName(allFiles, name);
+    if (file) {
+        try {
+            const output = await produceArtifact({
+                type: 'file',
+                name,
+                url,
+                ua,
+                content,
+                mergeSources,
+                ignoreFailedRemoteFile,
+                $options,
+                proxy,
+            });
+
+            try {
+                subInfoUrl = subInfoUrl || file.subInfoUrl;
+                if (subInfoUrl) {
+                    // forward flow headers
+                    const flowInfo = await getFlowHeaders(
+                        subInfoUrl,
+                        subInfoUserAgent || file.subInfoUserAgent,
+                        undefined,
+                        proxy || file.proxy,
+                    );
+                    if (flowInfo) {
+                        res.set('subscription-userinfo', flowInfo);
+                    }
+                }
+            } catch (err) {
+                $.error(
+                    `文件 ${name} 获取流量信息时发生错误: ${JSON.stringify(
+                        err,
+                    )}`,
+                );
+            }
+            if (file.download) {
+                res.set(
+                    'Content-Disposition',
+                    `attachment; filename*=UTF-8''${encodeURIComponent(
+                        file.displayName || file.name,
+                    )}`,
+                );
+            }
+            res.set('Content-Type', 'text/plain; charset=utf-8').send(
+                output ?? '',
+            );
+        } catch (err) {
+            $.notify(
+                `🌍 Sub-Store 下载文件失败`,
+                `❌ 无法下载文件：${name}！`,
+                `🤔 原因：${err.message ?? err}`,
+            );
+            $.error(err.message ?? err);
+            failed(
+                res,
+                new InternalServerError(
+                    'INTERNAL_SERVER_ERROR',
+                    `Failed to download file: ${name}`,
+                    `Reason: ${err.message ?? err}`,
+                ),
+            );
+        }
+    } else {
+        $.notify(`🌍 Sub-Store 下载文件失败`, `❌ 未找到文件：${name}！`);
+        failed(
+            res,
+            new ResourceNotFoundError(
+                'RESOURCE_NOT_FOUND',
+                `File ${name} does not exist!`,
+            ),
+            404,
+        );
+    }
+}
+function getWholeFile(req, res) {
     let { name } = req.params;
     name = decodeURIComponent(name);
     const allFiles = $.read(FILES_KEY);
     const file = findByName(allFiles, name);
     if (file) {
-        res.status(200).json(file.content);
+        success(res, file);
     } else {
         failed(
             res,
@@ -102,6 +253,11 @@ function getAllFiles(req, res) {
     );
 }
 
+function getAllWholeFiles(req, res) {
+    const allFiles = $.read(FILES_KEY);
+    success(res, allFiles);
+}
+
 function replaceFile(req, res) {
     const allFiles = req.body;
     $.write(allFiles, FILES_KEY);

backend/src/restful/index.js

@@ -2,6 +2,8 @@ import express from '@/vendor/express';
 import $ from '@/core/app';
 import migrate from '@/utils/migration';
 import download from '@/utils/download';
+import { syncArtifacts } from '@/restful/sync';
+import { gistBackupAction } from '@/restful/miscs';
 
 import registerSubscriptionRoutes from './subscriptions';
 import registerCollectionRoutes from './collections';
@@ -15,6 +17,7 @@ import registerPreviewRoutes from './preview';
 import registerSortingRoutes from './sort';
 import registerMiscRoutes from './miscs';
 import registerNodeInfoRoutes from './node-info';
+import registerParserRoutes from './parser';
 
 export default function serve() {
     let port;
@@ -37,10 +40,94 @@ export default function serve() {
     registerSyncRoutes($app);
     registerNodeInfoRoutes($app);
     registerMiscRoutes($app);
+    registerParserRoutes($app);
 
     $app.start();
 
     if ($.env.isNode) {
+        // Deprecated: SUB_STORE_BACKEND_CRON
+        const backend_sync_cron =
+            eval('process.env.SUB_STORE_BACKEND_SYNC_CRON') ||
+            eval('process.env.SUB_STORE_BACKEND_CRON');
+        if (backend_sync_cron) {
+            $.info(`[SYNC CRON] ${backend_sync_cron} enabled`);
+            const { CronJob } = eval(`require("cron")`);
+            new CronJob(
+                backend_sync_cron,
+                async function () {
+                    try {
+                        $.info(`[SYNC CRON] ${backend_sync_cron} started`);
+                        await syncArtifacts();
+                        $.info(`[SYNC CRON] ${backend_sync_cron} finished`);
+                    } catch (e) {
+                        $.error(
+                            `[SYNC CRON] ${backend_sync_cron} error: ${
+                                e.message ?? e
+                            }`,
+                        );
+                    }
+                }, // onTick
+                null, // onComplete
+                true, // start
+                // 'Asia/Shanghai' // timeZone
+            );
+        }
+        const backend_download_cron = eval(
+            'process.env.SUB_STORE_BACKEND_DOWNLOAD_CRON',
+        );
+        if (backend_download_cron) {
+            $.info(`[DOWNLOAD CRON] ${backend_download_cron} enabled`);
+            const { CronJob } = eval(`require("cron")`);
+            new CronJob(
+                backend_download_cron,
+                async function () {
+                    try {
+                        $.info(
+                            `[DOWNLOAD CRON] ${backend_download_cron} started`,
+                        );
+                        await gistBackupAction('download');
+                        $.info(
+                            `[DOWNLOAD CRON] ${backend_download_cron} finished`,
+                        );
+                    } catch (e) {
+                        $.error(
+                            `[DOWNLOAD CRON] ${backend_download_cron} error: ${
+                                e.message ?? e
+                            }`,
+                        );
+                    }
+                }, // onTick
+                null, // onComplete
+                true, // start
+                // 'Asia/Shanghai' // timeZone
+            );
+        }
+        const backend_upload_cron = eval(
+            'process.env.SUB_STORE_BACKEND_UPLOAD_CRON',
+        );
+        if (backend_upload_cron) {
+            $.info(`[UPLOAD CRON] ${backend_upload_cron} enabled`);
+            const { CronJob } = eval(`require("cron")`);
+            new CronJob(
+                backend_upload_cron,
+                async function () {
+                    try {
+                        $.info(`[UPLOAD CRON] ${backend_upload_cron} started`);
+                        await gistBackupAction('upload');
+                        $.info(`[UPLOAD CRON] ${backend_upload_cron} finished`);
+                    } catch (e) {
+                        $.error(
+                            `[UPLOAD CRON] ${backend_upload_cron} error: ${
+                                e.message ?? e
+                            }`,
+                        );
+                    }
+                }, // onTick
+                null, // onComplete
+                true, // start
+                // 'Asia/Shanghai' // timeZone
+            );
+        }
         const path = eval(`require("path")`);
         const fs = eval(`require("fs")`);
         const data_url = eval('process.env.SUB_STORE_DATA_URL');

backend/src/restful/miscs.js

@@ -1,8 +1,10 @@
 import $ from '@/core/app';
 import { ENV } from '@/vendor/open-api';
 import { failed, success } from '@/restful/response';
-import { updateArtifactStore, updateGitHubAvatar } from '@/restful/settings';
+import { updateArtifactStore, updateAvatar } from '@/restful/settings';
 import resourceCache from '@/utils/resource-cache';
+import scriptResourceCache from '@/utils/script-resource-cache';
+import headersResourceCache from '@/utils/headers-resource-cache';
 import {
     GIST_BACKUP_FILE_NAME,
     GIST_BACKUP_KEY,
@@ -68,14 +70,78 @@ function getEnv(req, res) {
 
 async function refresh(_, res) {
     // 1. get GitHub avatar and artifact store
-    await updateGitHubAvatar();
+    await updateAvatar();
     await updateArtifactStore();
 
     // 2. clear resource cache
     resourceCache.revokeAll();
+    scriptResourceCache.revokeAll();
+    headersResourceCache.revokeAll();
     success(res);
 }
 
+async function gistBackupAction(action) {
+    // read token
+    const { gistToken, syncPlatform } = $.read(SETTINGS_KEY);
+    if (!gistToken) throw new Error('GitHub Token is required for backup!');
+
+    const gist = new Gist({
+        token: gistToken,
+        key: GIST_BACKUP_KEY,
+        syncPlatform,
+    });
+    let content;
+    const settings = $.read(SETTINGS_KEY);
+    const updated = settings.syncTime;
+    switch (action) {
+        case 'upload':
+            // update syncTime
+            settings.syncTime = new Date().getTime();
+            $.write(settings, SETTINGS_KEY);
+            content = $.read('#sub-store');
+            if ($.env.isNode) content = JSON.stringify($.cache, null, `  `);
+            $.info(`上传备份中...`);
+            try {
+                await gist.upload({
+                    [GIST_BACKUP_FILE_NAME]: { content },
+                });
+                $.info(`上传备份完成`);
+            } catch (err) {
+                // restore syncTime if upload failed
+                settings.syncTime = updated;
+                $.write(settings, SETTINGS_KEY);
+                throw err;
+            }
+            break;
+        case 'download':
+            $.info(`还原备份中...`);
+            content = await gist.download(GIST_BACKUP_FILE_NAME);
+            try {
+                if (Object.keys(JSON.parse(content).settings).length === 0) {
+                    throw new Error('备份文件应该至少包含 settings 字段');
+                }
+            } catch (err) {
+                $.error(
+                    `Gist 备份文件校验失败, 无法还原\nReason: ${
+                        err.message ?? err
+                    }`,
+                );
+                throw new Error('Gist 备份文件校验失败, 无法还原');
+            }
+            // restore settings
+            $.write(content, '#sub-store');
+            if ($.env.isNode) {
+                content = JSON.parse(content);
+                $.cache = content;
+                $.persistCache();
+            }
+            $.info(`perform migration after restoring from gist...`);
+            migrate();
+            $.info(`migration completed`);
+            $.info(`还原备份完成`);
+            break;
+    }
+}
 async function gistBackup(req, res) {
     const { action } = req.query;
     // read token
@@ -89,77 +155,23 @@ async function gistBackup(req, res) {
             ),
         );
     } else {
-        const gist = new Gist({
-            token: gistToken,
-            key: GIST_BACKUP_KEY,
-        });
         try {
-            let content;
-            const settings = $.read(SETTINGS_KEY);
-            const updated = settings.syncTime;
-            switch (action) {
-                case 'upload':
-                    // update syncTime
-                    settings.syncTime = new Date().getTime();
-                    $.write(settings, SETTINGS_KEY);
-                    content = $.read('#sub-store');
-                    if ($.env.isNode)
-                        content = JSON.stringify($.cache, null, `  `);
-                    $.info(`上传备份中...`);
-                    try {
-                        await gist.upload({
-                            [GIST_BACKUP_FILE_NAME]: { content },
-                        });
-                    } catch (err) {
-                        // restore syncTime if upload failed
-                        settings.syncTime = updated;
-                        $.write(settings, SETTINGS_KEY);
-                        throw err;
-                    }
-                    break;
-                case 'download':
-                    $.info(`还原备份中...`);
-                    content = await gist.download(GIST_BACKUP_FILE_NAME);
-                    try {
-                        if (
-                            Object.keys(JSON.parse(content).settings).length ===
-                            0
-                        ) {
-                            throw new Error(
-                                '备份文件应该至少包含 settings 字段',
-                            );
-                        }
-                    } catch (err) {
-                        $.error(
-                            `Gist 备份文件校验失败, 无法还原\nReason: ${
-                                err.message ?? err
-                            }`,
-                        );
-                        throw new Error('Gist 备份文件校验失败, 无法还原');
-                    }
-                    // restore settings
-                    $.write(content, '#sub-store');
-                    if ($.env.isNode) {
-                        content = JSON.parse(content);
-                        $.cache = content;
-                        $.persistCache();
-                    }
-                    $.info(`perform migration after restoring from gist...`);
-                    migrate();
-                    $.info(`migration completed`);
-                    $.info(`还原备份完成`);
-                    break;
-            }
+            await gistBackupAction(action);
             success(res);
         } catch (err) {
+            $.error(
+                `Failed to ${action} gist data.\nReason: ${err.message ?? err}`,
+            );
             failed(
                 res,
                 new InternalServerError(
                     'BACKUP_FAILED',
-                    `Failed to ${action} data to gist!`,
+                    `Failed to ${action} gist data!`,
                     `Reason: ${err.message ?? err}`,
                 ),
             );
         }
     }
 }
+
+export { gistBackupAction };

backend/src/restful/module.js

@@ -47,7 +47,9 @@ function getModule(req, res) {
     const allModules = $.read(MODULES_KEY);
     const module = findByName(allModules, name);
     if (module) {
-        res.status(200).json(module.content);
+        res.set('Content-Type', 'text/plain; charset=utf-8').send(
+            module.content,
+        );
     } else {
         failed(
             res,

backend/src/restful/node-info.js

@@ -22,7 +22,10 @@ async function getNodeInfo(req, res) {
         const info = await $http
             .get({
                 url: `http://ip-api.com/json/${encodeURIComponent(
-                    proxy.server,
+                    `${proxy.server}`
+                        .trim()
+                        .replace(/^\[/, '')
+                        .replace(/\]$/, ''),
                 )}?lang=${lang}`,
                 headers: {
                     'User-Agent':

backend/src/restful/parser.js

@@ -0,0 +1,54 @@
+import { success, failed } from '@/restful/response';
+import { ProxyUtils } from '@/core/proxy-utils';
+import { RuleUtils } from '@/core/rule-utils';
+
+export default function register($app) {
+    $app.route('/api/proxy/parse').post(proxy_parser);
+    $app.route('/api/rule/parse').post(rule_parser);
+}
+
+/***
+ * 感谢 izhangxm 的 PR!
+ * 目前没有节点操作, 没有支持完整参数, 以后再完善一下
+ */
+
+/***
+ * 代理服务器协议转换接口。
+ * 请求方法为POST，数据为json。需要提供data和client字段。
+ * data: string, 协议数据，每行一个或者是clash
+ * client: string, 目标平台名称，见backend/src/core/proxy-utils/producers/index.js
+ *
+ */
+function proxy_parser(req, res) {
+    const { data, client, content, platform } = req.body;
+    var result = {};
+    try {
+        var proxies = ProxyUtils.parse(data ?? content);
+        var par_res = ProxyUtils.produce(proxies, client ?? platform);
+        result['par_res'] = par_res;
+    } catch (err) {
+        failed(res, err);
+        return;
+    }
+    success(res, result);
+}
+/**
+ * 规则转换接口。
+ * 请求方法为POST，数据为json。需要提供data和client字段。
+ * data: string, 多行规则字符串
+ * client: string, 目标平台名称，具体见backend/src/core/rule-utils/producers.js
+ */
+function rule_parser(req, res) {
+    const { data, client, content, platform } = req.body;
+    var result = {};
+    try {
+        const rules = RuleUtils.parse(data ?? content);
+        var par_res = RuleUtils.produce(rules, client ?? platform);
+        result['par_res'] = par_res;
+    } catch (err) {
+        failed(res, err);
+        return;
+    }
+
+    success(res, result);
+}

backend/src/restful/preview.js

@@ -9,6 +9,85 @@ import $ from '@/core/app';
 export default function register($app) {
     $app.post('/api/preview/sub', compareSub);
     $app.post('/api/preview/collection', compareCollection);
+    $app.post('/api/preview/file', previewFile);
+}
+
+async function previewFile(req, res) {
+    try {
+        const file = req.body;
+        let content;
+        if (
+            file.source === 'local' &&
+            !['localFirst', 'remoteFirst'].includes(file.mergeSources)
+        ) {
+            content = file.content;
+        } else {
+            const errors = {};
+            content = await Promise.all(
+                file.url
+                    .split(/[\r\n]+/)
+                    .map((i) => i.trim())
+                    .filter((i) => i.length)
+                    .map(async (url) => {
+                        try {
+                            return await download(url, file.ua);
+                        } catch (err) {
+                            errors[url] = err;
+                            $.error(
+                                `文件 ${file.name} 的远程文件 ${url} 发生错误: ${err}`,
+                            );
+                            return '';
+                        }
+                    }),
+            );
+
+            if (
+                !file.ignoreFailedRemoteFile &&
+                Object.keys(errors).length > 0
+            ) {
+                throw new Error(
+                    `文件 ${file.name} 的远程文件 ${Object.keys(errors).join(
+                        ', ',
+                    )} 发生错误, 请查看日志`,
+                );
+            }
+            if (file.mergeSources === 'localFirst') {
+                content.unshift(file.content);
+            } else if (file.mergeSources === 'remoteFirst') {
+                content.push(file.content);
+            }
+        }
+        // parse proxies
+        const files = (Array.isArray(content) ? content : [content]).flat();
+        let filesContent = files
+            .filter((i) => i != null && i !== '')
+            .join('\n');
+
+        // apply processors
+        const processed =
+            Array.isArray(file.process) && file.process.length > 0
+                ? await ProxyUtils.process(
+                      { $files: files, $content: filesContent },
+                      file.process,
+                  )
+                : { $content: filesContent, $files: files };
+
+        // produce
+        success(res, {
+            original: filesContent,
+            processed: processed?.$content ?? '',
+        });
+    } catch (err) {
+        $.error(err.message ?? err);
+        failed(
+            res,
+            new InternalServerError(
+                `INTERNAL_SERVER_ERROR`,
+                `Failed to preview file`,
+                `Reason: ${err.message ?? err}`,
+            ),
+        );
+    }
 }
 
 async function compareSub(req, res) {
@@ -30,7 +109,12 @@ async function compareSub(req, res) {
                     .filter((i) => i.length)
                     .map(async (url) => {
                         try {
-                            return await download(url, sub.ua);
+                            return await download(
+                                url,
+                                sub.ua,
+                                undefined,
+                                sub.proxy,
+                            );
                         } catch (err) {
                             errors[url] = err;
                             $.error(
@@ -62,7 +146,8 @@ async function compareSub(req, res) {
         // add id
         original.forEach((proxy, i) => {
             proxy.id = i;
-            proxy.subName = sub.name;
+            proxy._subName = sub.name;
+            proxy._subDisplayName = sub.displayName;
         });
 
         // apply processors
@@ -92,7 +177,20 @@ async function compareCollection(req, res) {
     try {
         const allSubs = $.read(SUBS_KEY);
         const collection = req.body;
-        const subnames = collection.subscriptions;
+        const subnames = [...collection.subscriptions];
+        let subscriptionTags = collection.subscriptionTags;
+        if (Array.isArray(subscriptionTags) && subscriptionTags.length > 0) {
+            allSubs.forEach((sub) => {
+                if (
+                    Array.isArray(sub.tag) &&
+                    sub.tag.length > 0 &&
+                    !subnames.includes(sub.name) &&
+                    sub.tag.some((tag) => subscriptionTags.includes(tag))
+                ) {
+                    subnames.push(sub.name);
+                }
+            });
+        }
         const results = {};
         const errors = {};
         await Promise.all(
@@ -116,7 +214,12 @@ async function compareCollection(req, res) {
                                 .filter((i) => i.length)
                                 .map(async (url) => {
                                     try {
-                                        return await download(url, sub.ua);
+                                        return await download(
+                                            url,
+                                            sub.ua,
+                                            undefined,
+                                            sub.proxy,
+                                        );
                                     } catch (err) {
                                         errors[url] = err;
                                         $.error(
@@ -148,8 +251,10 @@ async function compareCollection(req, res) {
                         .flat();
 
                     currentProxies.forEach((proxy) => {
-                        proxy.subName = sub.name;
-                        proxy.collectionName = collection.name;
+                        proxy._subName = sub.name;
+                        proxy._subDisplayName = sub.displayName;
+                        proxy._collectionName = collection.name;
+                        proxy._collectionDisplayName = collection.displayName;
                     });
 
                     // apply processors
@@ -164,11 +269,7 @@ async function compareCollection(req, res) {
                     errors[name] = err;
 
                     $.error(
-                        `❌ 处理组合订阅中的子订阅: ${
-                            sub.name
-                        }时出现错误：${err}！进度--${
-                            100 * (processed / subnames.length).toFixed(1)
-                        }%`,
+                        `❌ 处理组合订阅 ${collection.name} 中的子订阅: ${sub.name}时出现错误：${err}！`,
                     );
                 }
             }),
@@ -191,7 +292,8 @@ async function compareCollection(req, res) {
 
         original.forEach((proxy, i) => {
             proxy.id = i;
-            proxy.collectionName = collection.name;
+            proxy._collectionName = collection.name;
+            proxy._collectionDisplayName = collection.displayName;
         });
 
         const processed = await ProxyUtils.process(

backend/src/restful/settings.js

@@ -1,5 +1,6 @@
 import { SETTINGS_KEY, ARTIFACT_REPOSITORY_KEY } from '@/constants';
-import { success } from './response';
+import { success, failed } from './response';
+import { InternalServerError } from '@/restful/errors';
 import $ from '@/core/app';
 import Gist from '@/utils/gist';
 
@@ -10,51 +11,105 @@ export default function register($app) {
 }
 
 async function getSettings(req, res) {
-    let settings = $.read(SETTINGS_KEY);
-    if (!settings) {
-        settings = {};
-        $.write(settings, SETTINGS_KEY);
-    }
+    try {
+        let settings = $.read(SETTINGS_KEY);
+        if (!settings) {
+            settings = {};
+            $.write(settings, SETTINGS_KEY);
+        }
 
-    if (!settings.avatarUrl) await updateGitHubAvatar();
-    if (!settings.artifactStore) await updateArtifactStore();
-    success(res, settings);
+        if (!settings.avatarUrl) await updateAvatar();
+        if (!settings.artifactStore) await updateArtifactStore();
+
+        success(res, settings);
+    } catch (e) {
+        $.error(`Failed to get settings: ${e.message ?? e}`);
+        failed(
+            res,
+            new InternalServerError(
+                `FAILED_TO_GET_SETTINGS`,
+                `Failed to get settings`,
+                `Reason: ${e.message ?? e}`,
+            ),
+        );
+    }
 }
 
 async function updateSettings(req, res) {
-    const settings = $.read(SETTINGS_KEY);
-    const newSettings = {
-        ...settings,
-        ...req.body,
-    };
-    $.write(newSettings, SETTINGS_KEY);
-    await updateGitHubAvatar();
-    await updateArtifactStore();
-    success(res, newSettings);
+    try {
+        const settings = $.read(SETTINGS_KEY);
+        const newSettings = {
+            ...settings,
+            ...req.body,
+        };
+        $.write(newSettings, SETTINGS_KEY);
+        await updateAvatar();
+        await updateArtifactStore();
+        success(res, newSettings);
+    } catch (e) {
+        $.error(`Failed to update settings: ${e.message ?? e}`);
+        failed(
+            res,
+            new InternalServerError(
+                `FAILED_TO_UPDATE_SETTINGS`,
+                `Failed to update settings`,
+                `Reason: ${e.message ?? e}`,
+            ),
+        );
+    }
 }
 
-export async function updateGitHubAvatar() {
+export async function updateAvatar() {
     const settings = $.read(SETTINGS_KEY);
-    const username = settings.githubUser;
+    const { githubUser: username, syncPlatform } = settings;
     if (username) {
-        try {
-            const data = await $.http
-                .get({
-                    url: `https://api.github.com/users/${username}`,
-                    headers: {
-                        'User-Agent':
-                            'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.141 Safari/537.36',
-                    },
-                })
-                .then((resp) => JSON.parse(resp.body));
-            settings.avatarUrl = data['avatar_url'];
-            $.write(settings, SETTINGS_KEY);
-        } catch (err) {
-            $.error(
-                `Failed to fetch GitHub avatar for User: ${username}. Reason: ${
-                    err.message ?? err
-                }`,
-            );
+        if (syncPlatform === 'gitlab') {
+            try {
+                const data = await $.http
+                    .get({
+                        url: `https://gitlab.com/api/v4/users?username=${encodeURIComponent(
+                            username,
+                        )}`,
+                        headers: {
+                            'User-Agent':
+                                'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.141 Safari/537.36',
+                        },
+                    })
+                    .then((resp) => JSON.parse(resp.body));
+                settings.avatarUrl = data[0]['avatar_url'].replace(
+                    /(\?|&)s=\d+(&|$)/,
+                    '$1s=160$2',
+                );
+                $.write(settings, SETTINGS_KEY);
+            } catch (err) {
+                $.error(
+                    `Failed to fetch GitLab avatar for User: ${username}. Reason: ${
+                        err.message ?? err
+                    }`,
+                );
+            }
+        } else {
+            try {
+                const data = await $.http
+                    .get({
+                        url: `https://api.github.com/users/${encodeURIComponent(
+                            username,
+                        )}`,
+                        headers: {
+                            'User-Agent':
+                                'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.141 Safari/537.36',
+                        },
+                    })
+                    .then((resp) => JSON.parse(resp.body));
+                settings.avatarUrl = data['avatar_url'];
+                $.write(settings, SETTINGS_KEY);
+            } catch (err) {
+                $.error(
+                    `Failed to fetch GitHub avatar for User: ${username}. Reason: ${
+                        err.message ?? err
+                    }`,
+                );
+            }
         }
     }
 }
@@ -62,25 +117,30 @@ export async function updateGitHubAvatar() {
 export async function updateArtifactStore() {
     $.log('Updating artifact store');
     const settings = $.read(SETTINGS_KEY);
-    const { githubUser, gistToken } = settings;
-    if (githubUser && gistToken) {
+    const { gistToken, syncPlatform } = settings;
+    if (gistToken) {
         const manager = new Gist({
             token: gistToken,
             key: ARTIFACT_REPOSITORY_KEY,
+            syncPlatform,
         });
 
         try {
-            const gistId = await manager.locate();
-            if (gistId !== -1) {
-                settings.artifactStore = `https://gist.github.com/${githubUser}/${gistId}`;
-                $.write(settings, SETTINGS_KEY);
+            const gist = await manager.locate();
+            const url = gist?.html_url ?? gist?.web_url;
+            if (url) {
+                $.log(`找到 Sub-Store Gist: ${url}`);
+                // 只需要保证 token 是对的, 现在 username 错误只会导致头像错误
+                settings.artifactStore = url;
+                settings.artifactStoreStatus = 'VALID';
+            } else {
+                $.error(`找不到 Sub-Store Gist`);
+                settings.artifactStoreStatus = 'NOT FOUND';
             }
         } catch (err) {
-            $.error(
-                `Failed to fetch artifact store for User: ${githubUser}. Reason: ${
-                    err.message ?? err
-                }`,
-            );
+            $.error(`查找 Sub-Store Gist 时发生错误: ${err.message ?? err}`);
+            settings.artifactStoreStatus = 'ERROR';
         }
+        $.write(settings, SETTINGS_KEY);
     }
 }

backend/src/restful/sort.js

@@ -1,4 +1,9 @@
-import { ARTIFACTS_KEY, COLLECTIONS_KEY, SUBS_KEY } from '@/constants';
+import {
+    ARTIFACTS_KEY,
+    COLLECTIONS_KEY,
+    SUBS_KEY,
+    FILES_KEY,
+} from '@/constants';
 import $ from '@/core/app';
 import { success } from '@/restful/response';
 
@@ -6,6 +11,7 @@ export default function register($app) {
     $app.post('/api/sort/subs', sortSubs);
     $app.post('/api/sort/collections', sortCollections);
     $app.post('/api/sort/artifacts', sortArtifacts);
+    $app.post('/api/sort/files', sortFiles);
 }
 
 function sortSubs(req, res) {
@@ -33,3 +39,11 @@ function sortArtifacts(req, res) {
     $.write(allArtifacts, ARTIFACTS_KEY);
     success(res, allArtifacts);
 }
+
+function sortFiles(req, res) {
+    const orders = req.body;
+    const allFiles = $.read(FILES_KEY);
+    allFiles.sort((a, b) => orders.indexOf(a.name) - orders.indexOf(b.name));
+    $.write(allFiles, FILES_KEY);
+    success(res, allFiles);
+}

backend/src/restful/subscriptions.js

@@ -6,7 +6,11 @@ import {
 } from './errors';
 import { deleteByName, findByName, updateByName } from '@/utils/database';
 import { SUBS_KEY, COLLECTIONS_KEY, ARTIFACTS_KEY } from '@/constants';
-import { getFlowHeaders, parseFlowHeaders } from '@/utils/flow';
+import {
+    getFlowHeaders,
+    parseFlowHeaders,
+    getRmainingDays,
+} from '@/utils/flow';
 import { success, failed } from './response';
 import $ from '@/core/app';
 
@@ -30,6 +34,11 @@ export default function register($app) {
 async function getFlowInfo(req, res) {
     let { name } = req.params;
     name = decodeURIComponent(name);
+    let { url } = req.query;
+    if (url) {
+        url = decodeURIComponent(url);
+        $.info(`指定远程订阅 URL: ${url}`);
+    }
     const allSubs = $.read(SUBS_KEY);
     const sub = findByName(allSubs, name);
     if (!sub) {
@@ -43,32 +52,132 @@ async function getFlowInfo(req, res) {
         );
         return;
     }
-    if (sub.source === 'local') {
-        failed(
-            res,
-            new RequestInvalidError(
-                'NO_FLOW_INFO',
-                'N/A',
-                `Local subscription ${name} has no flow information!`,
-            ),
-        );
+    if (
+        sub.source === 'local' &&
+        !['localFirst', 'remoteFirst'].includes(sub.mergeSources)
+    ) {
+        if (sub.subUserinfo) {
+            try {
+                success(res, {
+                    ...parseFlowHeaders(sub.subUserinfo),
+                });
+            } catch (e) {
+                $.error(
+                    `Failed to parse flow info for local subscription ${name}: ${
+                        e.message ?? e
+                    }`,
+                );
+                failed(
+                    res,
+                    new RequestInvalidError(
+                        'NO_FLOW_INFO',
+                        'N/A',
+                        `Failed to parse flow info`,
+                    ),
+                );
+            }
+        } else {
+            failed(
+                res,
+                new RequestInvalidError(
+                    'NO_FLOW_INFO',
+                    'N/A',
+                    `Local subscription ${name} has no flow information!`,
+                ),
+            );
+        }
         return;
     }
     try {
-        const flowHeaders = await getFlowHeaders(sub.url);
-        if (!flowHeaders) {
+        url =
+            `${url || sub.url}`
+                .split(/[\r\n]+/)
+                .map((i) => i.trim())
+                .filter((i) => i.length)?.[0] || '';
+
+        let $arguments = {};
+        const rawArgs = url.split('#');
+        url = url.split('#')[0];
+        if (rawArgs.length > 1) {
+            try {
+                // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+                $arguments = JSON.parse(decodeURIComponent(rawArgs[1]));
+            } catch (e) {
+                for (const pair of rawArgs[1].split('&')) {
+                    const key = pair.split('=')[0];
+                    const value = pair.split('=')[1];
+                    // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                    $arguments[key] =
+                        value == null || value === ''
+                            ? true
+                            : decodeURIComponent(value);
+                }
+            }
+        }
+        if ($arguments.noFlow) {
             failed(
                 res,
-                new InternalServerError(
+                new RequestInvalidError(
                     'NO_FLOW_INFO',
-                    'No flow info',
-                    `Failed to fetch flow headers`,
+                    'N/A',
+                    `Subscription ${name}: noFlow`,
                 ),
             );
             return;
         }
-
-        success(res, parseFlowHeaders(flowHeaders));
+        if (sub.subUserinfo) {
+            try {
+                success(res, {
+                    ...parseFlowHeaders(sub.subUserinfo),
+                    remainingDays: getRmainingDays({
+                        resetDay: $arguments.resetDay,
+                        startDate: $arguments.startDate,
+                        cycleDays: $arguments.cycleDays,
+                    }),
+                });
+            } catch (e) {
+                $.error(
+                    `Failed to parse flow info for local subscription ${name}: ${
+                        e.message ?? e
+                    }`,
+                );
+                failed(
+                    res,
+                    new RequestInvalidError(
+                        'NO_FLOW_INFO',
+                        'N/A',
+                        `Failed to parse flow info`,
+                    ),
+                );
+            }
+        } else {
+            const flowHeaders = await getFlowHeaders(
+                $arguments?.insecure ? `${url}#insecure` : url,
+                $arguments.flowUserAgent,
+                undefined,
+                sub.proxy,
+                $arguments.flowUrl,
+            );
+            if (!flowHeaders) {
+                failed(
+                    res,
+                    new InternalServerError(
+                        'NO_FLOW_INFO',
+                        'No flow info',
+                        `Failed to fetch flow headers`,
+                    ),
+                );
+                return;
+            }
+            success(res, {
+                ...parseFlowHeaders(flowHeaders),
+                remainingDays: getRmainingDays({
+                    resetDay: $arguments.resetDay,
+                    startDate: $arguments.startDate,
+                    cycleDays: $arguments.cycleDays,
+                }),
+            });
+        }
     } catch (err) {
         failed(
             res,
@@ -111,11 +220,21 @@ function createSubscription(req, res) {
 
 function getSubscription(req, res) {
     let { name } = req.params;
+    let { raw } = req.query;
     name = decodeURIComponent(name);
     const allSubs = $.read(SUBS_KEY);
     const sub = findByName(allSubs, name);
     if (sub) {
-        success(res, sub);
+        if (raw) {
+            res.set('content-type', 'application/json')
+                .set(
+                    'content-disposition',
+                    `attachment; filename="${encodeURIComponent(name)}.json"`,
+                )
+                .send(JSON.stringify(sub));
+        } else {
+            success(res, sub);
+        }
     } else {
         failed(
             res,

backend/src/restful/sync.js

@@ -4,6 +4,7 @@ import {
     COLLECTIONS_KEY,
     RULES_KEY,
     SUBS_KEY,
+    FILES_KEY,
 } from '@/constants';
 import { failed, success } from '@/restful/response';
 import { InternalServerError, ResourceNotFoundError } from '@/restful/errors';
@@ -31,12 +32,27 @@ async function produceArtifact({
     content,
     mergeSources,
     ignoreFailedRemoteSub,
+    ignoreFailedRemoteFile,
+    produceType,
+    produceOpts = {},
+    subscription,
+    awaitCustomCache,
+    $options,
+    proxy,
 }) {
     platform = platform || 'JSON';
 
     if (type === 'subscription') {
-        const allSubs = $.read(SUBS_KEY);
-        const sub = findByName(allSubs, name);
+        let sub;
+        if (name) {
+            const allSubs = $.read(SUBS_KEY);
+            sub = findByName(allSubs, name);
+            if (!sub) throw new Error(`找不到订阅 ${name}`);
+        } else if (subscription) {
+            sub = subscription;
+        } else {
+            throw new Error('未提供订阅名称或订阅数据');
+        }
         let raw;
         if (content && !['localFirst', 'remoteFirst'].includes(mergeSources)) {
             raw = content;
@@ -49,7 +65,14 @@ async function produceArtifact({
                     .filter((i) => i.length)
                     .map(async (url) => {
                         try {
-                            return await download(url, ua || sub.ua);
+                            return await download(
+                                url,
+                                ua || sub.ua,
+                                undefined,
+                                proxy || sub.proxy,
+                                undefined,
+                                awaitCustomCache,
+                            );
                         } catch (err) {
                             errors[url] = err;
                             $.error(
@@ -89,7 +112,14 @@ async function produceArtifact({
                     .filter((i) => i.length)
                     .map(async (url) => {
                         try {
-                            return await download(url, ua || sub.ua);
+                            return await download(
+                                url,
+                                ua || sub.ua,
+                                undefined,
+                                proxy || sub.proxy,
+                                undefined,
+                                awaitCustomCache,
+                            );
                         } catch (err) {
                             errors[url] = err;
                             $.error(
@@ -122,7 +152,8 @@ async function produceArtifact({
             .flat();
 
         proxies.forEach((proxy) => {
-            proxy.subName = sub.name;
+            proxy._subName = sub.name;
+            proxy._subDisplayName = sub.displayName;
         });
         // apply processors
         proxies = await ProxyUtils.process(
@@ -130,6 +161,7 @@ async function produceArtifact({
             sub.process || [],
             platform,
             { [sub.name]: sub },
+            $options,
         );
         if (proxies.length === 0) {
             throw new Error(`订阅 ${name} 中不含有效节点`);
@@ -152,12 +184,26 @@ async function produceArtifact({
             exist[proxy.name] = true;
         }
         // produce
-        return ProxyUtils.produce(proxies, platform);
+        return ProxyUtils.produce(proxies, platform, produceType, produceOpts);
     } else if (type === 'collection') {
         const allSubs = $.read(SUBS_KEY);
         const allCols = $.read(COLLECTIONS_KEY);
         const collection = findByName(allCols, name);
-        const subnames = collection.subscriptions;
+        if (!collection) throw new Error(`找不到组合订阅 ${name}`);
+        const subnames = [...collection.subscriptions];
+        let subscriptionTags = collection.subscriptionTags;
+        if (Array.isArray(subscriptionTags) && subscriptionTags.length > 0) {
+            allSubs.forEach((sub) => {
+                if (
+                    Array.isArray(sub.tag) &&
+                    sub.tag.length > 0 &&
+                    !subnames.includes(sub.name) &&
+                    sub.tag.some((tag) => subscriptionTags.includes(tag))
+                ) {
+                    subnames.push(sub.name);
+                }
+            });
+        }
         const results = {};
         const errors = {};
         let processed = 0;
@@ -184,7 +230,14 @@ async function produceArtifact({
                                 .filter((i) => i.length)
                                 .map(async (url) => {
                                     try {
-                                        return await download(url, sub.ua);
+                                        return await download(
+                                            url,
+                                            sub.ua,
+                                            undefined,
+                                            proxy ||
+                                                sub.proxy ||
+                                                collection.proxy,
+                                        );
                                     } catch (err) {
                                         errors[url] = err;
                                         $.error(
@@ -216,8 +269,10 @@ async function produceArtifact({
                         .flat();
 
                     currentProxies.forEach((proxy) => {
-                        proxy.subName = sub.name;
-                        proxy.collectionName = collection.name;
+                        proxy._subName = sub.name;
+                        proxy._subDisplayName = sub.displayName;
+                        proxy._collectionName = collection.name;
+                        proxy._collectionDisplayName = collection.displayName;
                     });
 
                     // apply processors
@@ -225,7 +280,11 @@ async function produceArtifact({
                         currentProxies,
                         sub.process || [],
                         platform,
-                        { [sub.name]: sub, _collection: collection },
+                        {
+                            [sub.name]: sub,
+                            _collection: collection,
+                            $options,
+                        },
                     );
                     results[name] = currentProxies;
                     processed++;
@@ -269,7 +328,8 @@ async function produceArtifact({
         );
 
         proxies.forEach((proxy) => {
-            proxy.collectionName = collection.name;
+            proxy._collectionName = collection.name;
+            proxy._collectionDisplayName = collection.displayName;
         });
 
         // apply own processors
@@ -278,6 +338,7 @@ async function produceArtifact({
             collection.process || [],
             platform,
             { _collection: collection },
+            $options,
         );
         if (proxies.length === 0) {
             throw new Error(`组合订阅 ${name} 中不含有效节点`);
@@ -299,10 +360,11 @@ async function produceArtifact({
             }
             exist[proxy.name] = true;
         }
-        return ProxyUtils.produce(proxies, platform);
+        return ProxyUtils.produce(proxies, platform, produceType, produceOpts);
     } else if (type === 'rule') {
         const allRules = $.read(RULES_KEY);
         const rule = findByName(allRules, name);
+        if (!rule) throw new Error(`找不到规则 ${name}`);
         let rules = [];
         for (let i = 0; i < rule.urls.length; i++) {
             const url = rule.urls[i];
@@ -327,32 +389,219 @@ async function produceArtifact({
         ]);
         // produce output
         return RuleUtils.produce(rules, platform);
+    } else if (type === 'file') {
+        const allFiles = $.read(FILES_KEY);
+        const file = findByName(allFiles, name);
+        if (!file) throw new Error(`找不到文件 ${name}`);
+        let raw;
+        if (content && !['localFirst', 'remoteFirst'].includes(mergeSources)) {
+            raw = content;
+        } else if (url) {
+            const errors = {};
+            raw = await Promise.all(
+                url
+                    .split(/[\r\n]+/)
+                    .map((i) => i.trim())
+                    .filter((i) => i.length)
+                    .map(async (url) => {
+                        try {
+                            return await download(
+                                url,
+                                ua || file.ua,
+                                undefined,
+                                file.proxy || proxy,
+                            );
+                        } catch (err) {
+                            errors[url] = err;
+                            $.error(
+                                `文件 ${file.name} 的远程文件 ${url} 发生错误: ${err}`,
+                            );
+                            return '';
+                        }
+                    }),
+            );
+            let fileIgnoreFailedRemoteFile = file.ignoreFailedRemoteFile;
+            if (
+                ignoreFailedRemoteFile != null &&
+                ignoreFailedRemoteFile !== ''
+            ) {
+                fileIgnoreFailedRemoteFile = ignoreFailedRemoteFile;
+            }
+            if (!fileIgnoreFailedRemoteFile && Object.keys(errors).length > 0) {
+                throw new Error(
+                    `文件 ${file.name} 的远程文件 ${Object.keys(errors).join(
+                        ', ',
+                    )} 发生错误, 请查看日志`,
+                );
+            }
+            if (mergeSources === 'localFirst') {
+                raw.unshift(content);
+            } else if (mergeSources === 'remoteFirst') {
+                raw.push(content);
+            }
+        } else if (
+            file.source === 'local' &&
+            !['localFirst', 'remoteFirst'].includes(file.mergeSources)
+        ) {
+            raw = file.content;
+        } else {
+            const errors = {};
+            raw = await Promise.all(
+                file.url
+                    .split(/[\r\n]+/)
+                    .map((i) => i.trim())
+                    .filter((i) => i.length)
+                    .map(async (url) => {
+                        try {
+                            return await download(
+                                url,
+                                ua || file.ua,
+                                undefined,
+                                file.proxy || proxy,
+                            );
+                        } catch (err) {
+                            errors[url] = err;
+                            $.error(
+                                `文件 ${file.name} 的远程文件 ${url} 发生错误: ${err}`,
+                            );
+                            return '';
+                        }
+                    }),
+            );
+            let fileIgnoreFailedRemoteFile = file.ignoreFailedRemoteFile;
+            if (
+                ignoreFailedRemoteFile != null &&
+                ignoreFailedRemoteFile !== ''
+            ) {
+                fileIgnoreFailedRemoteFile = ignoreFailedRemoteFile;
+            }
+            if (!fileIgnoreFailedRemoteFile && Object.keys(errors).length > 0) {
+                throw new Error(
+                    `文件 ${file.name} 的远程文件 ${Object.keys(errors).join(
+                        ', ',
+                    )} 发生错误, 请查看日志`,
+                );
+            }
+            if (file.mergeSources === 'localFirst') {
+                raw.unshift(file.content);
+            } else if (file.mergeSources === 'remoteFirst') {
+                raw.push(file.content);
+            }
+        }
+        const files = (Array.isArray(raw) ? raw : [raw]).flat();
+        let filesContent = files
+            .filter((i) => i != null && i !== '')
+            .join('\n');
+
+        // apply processors
+        const processed =
+            Array.isArray(file.process) && file.process.length > 0
+                ? await ProxyUtils.process(
+                      { $files: files, $content: filesContent, $options },
+                      file.process,
+                  )
+                : { $content: filesContent, $files: files, $options };
+
+        return processed?.$content ?? '';
     }
 }
 
-async function syncAllArtifacts(_, res) {
+async function syncArtifacts() {
     $.info('开始同步所有远程配置...');
     const allArtifacts = $.read(ARTIFACTS_KEY);
     const files = {};
 
     try {
+        const invalid = [];
+        const allSubs = $.read(SUBS_KEY);
+        const allCols = $.read(COLLECTIONS_KEY);
+        const subNames = [];
+        allArtifacts.map((artifact) => {
+            if (artifact.sync && artifact.source) {
+                if (artifact.type === 'subscription') {
+                    const subName = artifact.source;
+                    const sub = findByName(allSubs, subName);
+                    if (sub && sub.url && !subNames.includes(subName)) {
+                        subNames.push(subName);
+                    }
+                } else if (artifact.type === 'collection') {
+                    const collection = findByName(allCols, artifact.source);
+                    if (collection && Array.isArray(collection.subscriptions)) {
+                        collection.subscriptions.map((subName) => {
+                            const sub = findByName(allSubs, subName);
+                            if (sub && sub.url && !subNames.includes(subName)) {
+                                subNames.push(subName);
+                            }
+                        });
+                    }
+                }
+            }
+        });
+
+        if (subNames.length > 0) {
+            await Promise.all(
+                subNames.map(async (subName) => {
+                    try {
+                        await produceArtifact({
+                            type: 'subscription',
+                            name: subName,
+                            awaitCustomCache: true,
+                        });
+                    } catch (e) {
+                        // $.error(`${e.message ?? e}`);
+                    }
+                }),
+            );
+        }
+
         await Promise.all(
             allArtifacts.map(async (artifact) => {
-                if (artifact.sync) {
-                    $.info(`正在同步云配置：${artifact.name}...`);
-                    const output = await produceArtifact({
-                        type: artifact.type,
-                        name: artifact.source,
-                        platform: artifact.platform,
-                    });
+                try {
+                    if (artifact.sync && artifact.source) {
+                        $.info(`正在同步云配置：${artifact.name}...`);
 
-                    files[artifact.name] = {
-                        content: output,
-                    };
+                        const useMihomoExternal =
+                            artifact.platform === 'SurgeMac';
+
+                        if (useMihomoExternal) {
+                            $.info(
+                                `手动指定了 target 为 SurgeMac, 将使用 Mihomo External`,
+                            );
+                        }
+
+                        const output = await produceArtifact({
+                            type: artifact.type,
+                            name: artifact.source,
+                            platform: artifact.platform,
+                            produceOpts: {
+                                'include-unsupported-proxy':
+                                    artifact.includeUnsupportedProxy,
+                                useMihomoExternal,
+                            },
+                        });
+
+                        // if (!output || output.length === 0)
+                        //     throw new Error('该配置的结果为空 不进行上传');
+
+                        files[encodeURIComponent(artifact.name)] = {
+                            content: output,
+                        };
+                    }
+                } catch (e) {
+                    $.error(
+                        `同步配置 ${artifact.name} 发生错误: ${e.message ?? e}`,
+                    );
+                    invalid.push(artifact.name);
                 }
             }),
         );
 
+        if (invalid.length > 0) {
+            throw new Error(
+                `同步配置 ${invalid.join(', ')} 发生错误 详情请查看日志`,
+            );
+        }
+
         const resp = await syncToGist(files);
         const body = JSON.parse(resp.body);
 
@@ -360,41 +609,82 @@ async function syncAllArtifacts(_, res) {
             if (artifact.sync) {
                 artifact.updated = new Date().getTime();
                 // extract real url from gist
-                artifact.url = body.files[artifact.name].raw_url.replace(
-                    /\/raw\/[^/]*\/(.*)/,
-                    '/raw/$1',
+                let files = body.files;
+                let isGitLab;
+                if (Array.isArray(files)) {
+                    isGitLab = true;
+                    files = Object.fromEntries(
+                        files.map((item) => [item.path, item]),
+                    );
+                }
+                const raw_url =
+                    files[encodeURIComponent(artifact.name)]?.raw_url;
+                const new_url = isGitLab
+                    ? raw_url
+                    : raw_url?.replace(/\/raw\/[^/]*\/(.*)/, '/raw/$1');
+                $.info(
+                    `上传配置完成\n文件列表: ${Object.keys(files).join(
+                        ', ',
+                    )}\n当前文件: ${encodeURIComponent(
+                        artifact.name,
+                    )}\n响应返回的原始链接: ${raw_url}\n处理完的新链接: ${new_url}`,
                 );
+                artifact.url = new_url;
             }
         }
 
         $.write(allArtifacts, ARTIFACTS_KEY);
         $.info('全部订阅同步成功！');
+    } catch (e) {
+        $.error(`同步订阅失败，原因：${e.message ?? e}`);
+        throw e;
+    }
+}
+async function syncAllArtifacts(_, res) {
+    $.info('开始同步所有远程配置...');
+    try {
+        await syncArtifacts();
         success(res);
-    } catch (err) {
+    } catch (e) {
+        $.error(`同步订阅失败，原因：${e.message ?? e}`);
         failed(
             res,
             new InternalServerError(
                 `FAILED_TO_SYNC_ARTIFACTS`,
                 `Failed to sync all artifacts`,
-                `Reason: ${err}`,
+                `Reason: ${e.message ?? e}`,
             ),
         );
-        $.info(`同步订阅失败，原因：${err}`);
     }
 }
 
 async function syncArtifact(req, res) {
     let { name } = req.params;
     name = decodeURIComponent(name);
+    $.info(`开始同步远程配置 ${name}...`);
     const allArtifacts = $.read(ARTIFACTS_KEY);
     const artifact = findByName(allArtifacts, name);
 
     if (!artifact) {
+        $.error(`找不到远程配置 ${name}`);
         failed(
             res,
             new ResourceNotFoundError(
                 'RESOURCE_NOT_FOUND',
-                `Artifact ${name} does not exist!`,
+                `找不到远程配置 ${name}`,
+            ),
+            404,
+        );
+        return;
+    }
+
+    if (!artifact.source) {
+        $.error(`远程配置 ${name} 未设置来源`);
+        failed(
+            res,
+            new ResourceNotFoundError(
+                'RESOURCE_HAS_NO_SOURCE',
+                `远程配置 ${name} 未设置来源`,
             ),
             404,
         );
@@ -402,10 +692,19 @@ async function syncArtifact(req, res) {
     }
 
     try {
+        const useMihomoExternal = artifact.platform === 'SurgeMac';
+
+        if (useMihomoExternal) {
+            $.info(`手动指定了 target 为 SurgeMac, 将使用 Mihomo External`);
+        }
         const output = await produceArtifact({
             type: artifact.type,
             name: artifact.source,
             platform: artifact.platform,
+            produceOpts: {
+                'include-unsupported-proxy': artifact.includeUnsupportedProxy,
+                useMihomoExternal,
+            },
         });
 
         $.info(
@@ -415,6 +714,8 @@ async function syncArtifact(req, res) {
                 2,
             )}`,
         );
+        // if (!output || output.length === 0)
+        //     throw new Error('该配置的结果为空 不进行上传');
         const resp = await syncToGist({
             [encodeURIComponent(artifact.name)]: {
                 content: output,
@@ -422,12 +723,28 @@ async function syncArtifact(req, res) {
         });
         artifact.updated = new Date().getTime();
         const body = JSON.parse(resp.body);
-        artifact.url = body.files[
-            encodeURIComponent(artifact.name)
-        ].raw_url.replace(/\/raw\/[^/]*\/(.*)/, '/raw/$1');
+        let files = body.files;
+        let isGitLab;
+        if (Array.isArray(files)) {
+            isGitLab = true;
+            files = Object.fromEntries(files.map((item) => [item.path, item]));
+        }
+        const raw_url = files[encodeURIComponent(artifact.name)]?.raw_url;
+        const new_url = isGitLab
+            ? raw_url
+            : raw_url?.replace(/\/raw\/[^/]*\/(.*)/, '/raw/$1');
+        $.info(
+            `上传配置完成\n文件列表: ${Object.keys(files).join(
+                ', ',
+            )}\n当前文件: ${encodeURIComponent(
+                artifact.name,
+            )}\n响应返回的原始链接: ${raw_url}\n处理完的新链接: ${new_url}`,
+        );
+        artifact.url = new_url;
         $.write(allArtifacts, ARTIFACTS_KEY);
         success(res, artifact);
     } catch (err) {
+        $.error(`远程配置 ${artifact.name} 发生错误: ${err.message ?? err}`);
         failed(
             res,
             new InternalServerError(
@@ -439,4 +756,4 @@ async function syncArtifact(req, res) {
     }
 }
 
-export { produceArtifact };
+export { produceArtifact, syncArtifacts };

backend/src/utils/dns.js

@@ -0,0 +1,49 @@
+import $ from '@/core/app';
+import dnsPacket from 'dns-packet';
+import { Buffer } from 'buffer';
+
+export async function doh({ url, domain, type = 'A', timeout, edns }) {
+    const buf = dnsPacket.encode({
+        type: 'query',
+        id: 0,
+        flags: dnsPacket.RECURSION_DESIRED,
+        questions: [
+            {
+                type,
+                name: domain,
+            },
+        ],
+        additionals: [
+            {
+                type: 'OPT',
+                name: '.',
+                udpPayloadSize: 4096,
+                flags: 0,
+                options: [
+                    {
+                        code: 'CLIENT_SUBNET',
+                        ip: edns,
+                        sourcePrefixLength: 24,
+                        scopePrefixLength: 0,
+                    },
+                ],
+            },
+        ],
+    });
+    const res = await $.http.get({
+        url: `${url}?dns=${buf
+            .toString('base64')
+            .toString('utf-8')
+            .replace(/=/g, '')}`,
+        headers: {
+            Accept: 'application/dns-message',
+            // 'Content-Type': 'application/dns-message',
+        },
+        // body: buf,
+        'binary-mode': true,
+        encoding: null, // 使用 null 编码以确保响应是原始二进制数据
+        timeout,
+    });
+
+    return dnsPacket.decode(Buffer.from($.env.isQX ? res.bodyBytes : res.body));
+}

backend/src/utils/download.js

@@ -1,15 +1,31 @@
-import { FILES_KEY, MODULES_KEY, SETTINGS_KEY } from '@/constants';
-import { findByName } from '@/utils/database';
+import { SETTINGS_KEY } from '@/constants';
 import { HTTP, ENV } from '@/vendor/open-api';
 import { hex_md5 } from '@/vendor/md5';
+import { getPolicyDescriptor } from '@/utils';
 import resourceCache from '@/utils/resource-cache';
+import headersResourceCache from '@/utils/headers-resource-cache';
+import {
+    getFlowField,
+    getFlowHeaders,
+    parseFlowHeaders,
+    validCheck,
+} from '@/utils/flow';
 import $ from '@/core/app';
 
 const tasks = new Map();
 
-export default async function download(url, ua) {
+export default async function download(
+    rawUrl = '',
+    ua,
+    timeout,
+    customProxy,
+    skipCustomCache,
+    awaitCustomCache,
+) {
     let $arguments = {};
+    let url = rawUrl.replace(/#noFlow$/, '');
     const rawArgs = url.split('#');
+    url = url.split('#')[0];
     if (rawArgs.length > 1) {
         try {
             // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
@@ -26,60 +42,201 @@ export default async function download(url, ua) {
             }
         }
     }
+    const { isNode, isStash, isLoon, isShadowRocket, isQX } = ENV();
+    const { defaultProxy, defaultUserAgent, defaultTimeout, cacheThreshold } =
+        $.read(SETTINGS_KEY);
+    let proxy = customProxy || defaultProxy;
+    if ($.env.isNode) {
+        proxy = proxy || eval('process.env.SUB_STORE_BACKEND_DEFAULT_PROXY');
+    }
+    const userAgent = ua || defaultUserAgent || 'clash.meta';
+    const requestTimeout = timeout || defaultTimeout;
+    const id = hex_md5(userAgent + url);
 
-    const downloadUrlMatch = url.match(/^\/api\/(file|module)\/(.+)/);
-    if (downloadUrlMatch) {
-        let type = downloadUrlMatch?.[1];
-        let name = downloadUrlMatch?.[2];
-        if (name == null) {
-            throw new Error(`本地 ${type} URL 无效: ${url}`);
-        }
-        name = decodeURIComponent(name);
-        const key = type === 'module' ? MODULES_KEY : FILES_KEY;
-        const item = findByName($.read(key), name);
-        if (!item) {
-            throw new Error(`找不到本地 ${type}: ${name}`);
-        }
-
-        return item.content;
+    if ($arguments?.cacheKey === true) {
+        $.error(`使用自定义缓存时 cacheKey 的值不能为空`);
+        $arguments.cacheKey = undefined;
     }
 
-    const { isNode } = ENV();
-    const { defaultUserAgent } = $.read(SETTINGS_KEY);
-    ua = ua || defaultUserAgent || 'clash.meta';
-    const id = hex_md5(ua + url);
+    const customCacheKey = $arguments?.cacheKey
+        ? `#sub-store-cached-custom-${$arguments?.cacheKey}`
+        : undefined;
+
+    if (customCacheKey && !skipCustomCache) {
+        const customCached = $.read(customCacheKey);
+        const cached = resourceCache.get(id);
+        if (!$arguments?.noCache && cached) {
+            $.info(
+                `乐观缓存: URL ${url}\n存在有效的常规缓存\n使用常规缓存以避免重复请求`,
+            );
+            return cached;
+        }
+        if (customCached) {
+            if (awaitCustomCache) {
+                $.info(`乐观缓存: URL ${url}\n本次进行请求 尝试更新缓存`);
+                try {
+                    await download(
+                        rawUrl.replace(/(\?|&)cacheKey=.*?(&|$)/, ''),
+                        ua,
+                        timeout,
+                        proxy,
+                        true,
+                    );
+                } catch (e) {
+                    $.error(
+                        `乐观缓存: URL ${url} 更新缓存发生错误 ${
+                            e.message ?? e
+                        }`,
+                    );
+                    $.info('使用乐观缓存的数据刷新缓存, 防止后续请求');
+                    resourceCache.set(id, customCached);
+                }
+            } else {
+                $.info(
+                    `乐观缓存: URL ${url}\n本次返回自定义缓存 ${$arguments?.cacheKey}\n并进行请求 尝试异步更新缓存`,
+                );
+                download(
+                    rawUrl.replace(/(\?|&)cacheKey=.*?(&|$)/, ''),
+                    ua,
+                    timeout,
+                    proxy,
+                    true,
+                ).catch((e) => {
+                    $.error(
+                        `乐观缓存: URL ${url} 异步更新缓存发生错误 ${
+                            e.message ?? e
+                        }`,
+                    );
+                });
+            }
+            return customCached;
+        }
+    }
+
+    // const downloadUrlMatch = url.match(/^\/api\/(file|module)\/(.+)/);
+    // if (downloadUrlMatch) {
+    //     let type = downloadUrlMatch?.[1];
+    //     let name = downloadUrlMatch?.[2];
+    //     if (name == null) {
+    //         throw new Error(`本地 ${type} URL 无效: ${url}`);
+    //     }
+    //     name = decodeURIComponent(name);
+    //     const key = type === 'module' ? MODULES_KEY : FILES_KEY;
+    //     const item = findByName($.read(key), name);
+    //     if (!item) {
+    //         throw new Error(`找不到本地 ${type}: ${name}`);
+    //     }
+
+    //     return item.content;
+    // }
+
     if (!isNode && tasks.has(id)) {
         return tasks.get(id);
     }
 
     const http = HTTP({
         headers: {
-            'User-Agent': ua,
+            'User-Agent': userAgent,
+            ...(isStash && proxy
+                ? { 'X-Stash-Selected-Proxy': encodeURIComponent(proxy) }
+                : {}),
+            ...(isShadowRocket && proxy ? { 'X-Surge-Policy': proxy } : {}),
         },
+        timeout: requestTimeout,
     });
 
-    const result = new Promise((resolve, reject) => {
-        // try to find in app cache
-        const cached = resourceCache.get(id);
-        if (!$arguments?.noCache && cached) {
-            resolve(cached);
-        } else {
-            $.info(`Downloading...\nUser-Agent: ${ua}\nURL: ${url}`);
-            http.get(url)
-                .then((resp) => {
-                    const body = resp.body;
-                    if (body.replace(/\s/g, '').length === 0)
-                        reject(new Error('远程资源内容为空！'));
-                    else {
-                        resourceCache.set(id, body);
-                        resolve(body);
-                    }
-                })
-                .catch(() => {
-                    reject(new Error(`无法下载 URL：${url}`));
-                });
+    let result;
+
+    // try to find in app cache
+    const cached = resourceCache.get(id);
+    if (!$arguments?.noCache && cached) {
+        $.info(`使用缓存: ${url}`);
+        result = cached;
+        if (customCacheKey) {
+            $.info(`URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`);
+            $.write(cached, customCacheKey);
         }
-    });
+    } else {
+        const insecure = $arguments?.insecure
+            ? isNode
+                ? { strictSSL: false }
+                : { insecure: true }
+            : undefined;
+        $.info(
+            `Downloading...\nUser-Agent: ${userAgent}\nTimeout: ${requestTimeout}\nProxy: ${proxy}\nInsecure: ${!!insecure}\nURL: ${url}`,
+        );
+        try {
+            const { body, headers } = await http.get({
+                url,
+                ...(proxy ? { proxy } : {}),
+                ...(isLoon && proxy ? { node: proxy } : {}),
+                ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                ...(insecure ? insecure : {}),
+            });
+
+            if (headers) {
+                const flowInfo = getFlowField(headers);
+                if (flowInfo) {
+                    headersResourceCache.set(url, flowInfo);
+                }
+            }
+            if (body.replace(/\s/g, '').length === 0)
+                throw new Error(new Error('远程资源内容为空'));
+            let shouldCache = true;
+            if (cacheThreshold) {
+                const size = body.length / 1024;
+                if (size > cacheThreshold) {
+                    $.info(
+                        `资源大小 ${size.toFixed(
+                            2,
+                        )} KB 超过了 ${cacheThreshold} KB, 不缓存`,
+                    );
+                    shouldCache = false;
+                }
+            }
+            if (shouldCache) {
+                resourceCache.set(id, body);
+                if (customCacheKey) {
+                    $.info(
+                        `URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`,
+                    );
+                    $.write(body, customCacheKey);
+                }
+            }
+
+            result = body;
+        } catch (e) {
+            if (customCacheKey) {
+                const cached = $.read(customCacheKey);
+                if (cached) {
+                    $.info(
+                        `无法下载 URL ${url}: ${
+                            e.message ?? e
+                        }\n使用自定义缓存 ${$arguments?.cacheKey}`,
+                    );
+                    return cached;
+                }
+            }
+            throw new Error(`无法下载 URL ${url}: ${e.message ?? e}`);
+        }
+    }
+
+    // 检查订阅有效性
+
+    if ($arguments?.validCheck) {
+        await validCheck(
+            parseFlowHeaders(
+                await getFlowHeaders(
+                    url,
+                    $arguments.flowUserAgent,
+                    undefined,
+                    proxy,
+                    $arguments.flowUrl,
+                ),
+            ),
+        );
+    }
 
     if (!isNode) {
         tasks.set(id, result);

backend/src/utils/env.js

@@ -1,7 +1,17 @@
 import { version as substoreVersion } from '../../package.json';
 import { ENV } from '@/vendor/open-api';
 
-const { isNode, isQX, isLoon, isSurge, isStash, isShadowRocket } = ENV();
+const {
+    isNode,
+    isQX,
+    isLoon,
+    isSurge,
+    isStash,
+    isShadowRocket,
+    isLanceX,
+    isEgern,
+    isGUIforCores,
+} = ENV();
 let backend = 'Node';
 if (isNode) backend = 'Node';
 if (isQX) backend = 'QX';
@@ -9,8 +19,49 @@ if (isLoon) backend = 'Loon';
 if (isSurge) backend = 'Surge';
 if (isStash) backend = 'Stash';
 if (isShadowRocket) backend = 'ShadowRocket';
+if (isEgern) backend = 'Egern';
+if (isLanceX) backend = 'LanceX';
+if (isGUIforCores) backend = 'GUI.for.Cores';
+
+let meta = {};
+
+try {
+    if (typeof $environment !== 'undefined') {
+        // eslint-disable-next-line no-undef
+        meta.env = $environment;
+    }
+    if (typeof $loon !== 'undefined') {
+        // eslint-disable-next-line no-undef
+        meta.loon = $loon;
+    }
+    if (typeof $script !== 'undefined') {
+        // eslint-disable-next-line no-undef
+        meta.script = $script;
+    }
+    if (typeof $Plugin !== 'undefined') {
+        // eslint-disable-next-line no-undef
+        meta.plugin = $Plugin;
+    }
+    if (isNode) {
+        meta.node = {
+            version: eval('process.version'),
+            argv: eval('process.argv'),
+            filename: eval('__filename'),
+            dirname: eval('__dirname'),
+            env: {},
+        };
+        const env = eval('process.env');
+        for (const key in env) {
+            if (/^SUB_STORE_/.test(key)) {
+                meta.node.env[key] = env[key];
+            }
+        }
+    }
+    // eslint-disable-next-line no-empty
+} catch (e) {}
 
 export default {
     backend,
     version: substoreVersion,
+    meta,
 };

backend/src/utils/flow.js

@@ -1,43 +1,282 @@
-import { HTTP } from '@/vendor/open-api';
+import { SETTINGS_KEY } from '@/constants';
+import { HTTP, ENV } from '@/vendor/open-api';
+import { getPolicyDescriptor } from '@/utils';
+import $ from '@/core/app';
+import headersResourceCache from '@/utils/headers-resource-cache';
 
-export async function getFlowHeaders(url) {
-    const http = HTTP();
-    const { headers } = await http.get({
-        url: url
-            .split(/[\r\n]+/)
-            .map((i) => i.trim())
-            .filter((i) => i.length)[0],
-        headers: {
-            'User-Agent': 'Quantumult%20X/1.0.30 (iPhone14,2; iOS 15.6)',
-        },
-    });
+export function getFlowField(headers) {
     const subkey = Object.keys(headers).filter((k) =>
         /SUBSCRIPTION-USERINFO/i.test(k),
     )[0];
     return headers[subkey];
 }
+export async function getFlowHeaders(
+    rawUrl,
+    ua,
+    timeout,
+    customProxy,
+    flowUrl,
+) {
+    let url = flowUrl || rawUrl || '';
+    let $arguments = {};
+    const rawArgs = url.split('#');
+    url = url.split('#')[0];
+    if (rawArgs.length > 1) {
+        try {
+            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
+            $arguments = JSON.parse(decodeURIComponent(rawArgs[1]));
+        } catch (e) {
+            for (const pair of rawArgs[1].split('&')) {
+                const key = pair.split('=')[0];
+                const value = pair.split('=')[1];
+                // 部分兼容之前的逻辑 const value = pair.split('=')[1] || true;
+                $arguments[key] =
+                    value == null || value === ''
+                        ? true
+                        : decodeURIComponent(value);
+            }
+        }
+    }
+    if ($arguments?.noFlow) {
+        return;
+    }
+    const { isStash, isLoon, isShadowRocket, isQX } = ENV();
+    const cached = headersResourceCache.get(url);
+    let flowInfo;
+    if (!$arguments?.noCache && cached) {
+        // $.info(`使用缓存的流量信息: ${url}`);
+        flowInfo = cached;
+    } else {
+        const insecure = $arguments?.insecure
+            ? $.env.isNode
+                ? { strictSSL: false }
+                : { insecure: true }
+            : undefined;
+        const { defaultProxy, defaultFlowUserAgent, defaultTimeout } =
+            $.read(SETTINGS_KEY);
+        let proxy = customProxy || defaultProxy;
+        if ($.env.isNode) {
+            proxy =
+                proxy || eval('process.env.SUB_STORE_BACKEND_DEFAULT_PROXY');
+        }
+        const userAgent =
+            ua ||
+            defaultFlowUserAgent ||
+            'Quantumult%20X/1.0.30 (iPhone14,2; iOS 15.6)';
+        const requestTimeout = timeout || defaultTimeout;
+        const http = HTTP();
+        if (flowUrl) {
+            $.info(
+                `使用 GET 方法从响应体获取流量信息: ${flowUrl}, User-Agent: ${
+                    userAgent || ''
+                }, Insecure: ${!!insecure}, Proxy: ${proxy}`,
+            );
+            const { body } = await http.get({
+                url: flowUrl,
+                headers: {
+                    'User-Agent': userAgent,
+                },
+                timeout: requestTimeout,
+                ...(proxy ? { proxy } : {}),
+                ...(isLoon && proxy ? { node: proxy } : {}),
+                ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                ...(insecure ? insecure : {}),
+            });
+            flowInfo = body;
+        } else {
+            try {
+                $.info(
+                    `使用 HEAD 方法从响应头获取流量信息: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }, Insecure: ${!!insecure}, Proxy: ${proxy}`,
+                );
+                const { headers } = await http.head({
+                    url: url
+                        .split(/[\r\n]+/)
+                        .map((i) => i.trim())
+                        .filter((i) => i.length)[0],
+                    headers: {
+                        'User-Agent': userAgent,
+                        ...(isStash && proxy
+                            ? {
+                                  'X-Stash-Selected-Proxy':
+                                      encodeURIComponent(proxy),
+                              }
+                            : {}),
+                        ...(isShadowRocket && proxy
+                            ? { 'X-Surge-Policy': proxy }
+                            : {}),
+                    },
+                    timeout: requestTimeout,
+                    ...(proxy ? { proxy } : {}),
+                    ...(isLoon && proxy ? { node: proxy } : {}),
+                    ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                    ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                    ...(insecure ? insecure : {}),
+                });
+                flowInfo = getFlowField(headers);
+            } catch (e) {
+                $.error(
+                    `使用 HEAD 方法从响应头获取流量信息失败: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }, Insecure: ${!!insecure}, Proxy: ${proxy}: ${
+                        e.message ?? e
+                    }`,
+                );
+            }
+            if (!flowInfo) {
+                $.info(
+                    `使用 GET 方法获取流量信息: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }, Insecure: ${!!insecure}, Proxy: ${proxy}`,
+                );
+                const { headers } = await http.get({
+                    url: url
+                        .split(/[\r\n]+/)
+                        .map((i) => i.trim())
+                        .filter((i) => i.length)[0],
+                    headers: {
+                        'User-Agent': userAgent,
+                        ...(isStash && proxy
+                            ? {
+                                  'X-Stash-Selected-Proxy':
+                                      encodeURIComponent(proxy),
+                              }
+                            : {}),
+                        ...(isShadowRocket && proxy
+                            ? { 'X-Surge-Policy': proxy }
+                            : {}),
+                    },
+                    timeout: requestTimeout,
+                    ...(proxy ? { proxy } : {}),
+                    ...(isLoon && proxy ? { node: proxy } : {}),
+                    ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                    ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                    ...(insecure ? insecure : {}),
+                });
+                flowInfo = getFlowField(headers);
+            }
+        }
+        if (flowInfo) {
+            headersResourceCache.set(url, flowInfo);
+        }
+    }
+
+    return flowInfo;
+}
 export function parseFlowHeaders(flowHeaders) {
     if (!flowHeaders) return;
     // unit is KB
-    const uploadMatch = flowHeaders.match(/upload=(-?)(\d+)/);
+    const uploadMatch = flowHeaders.match(
+        /upload=([-+]?)([0-9]*\.?[0-9]+([eE][-+]?[0-9]+)?)/,
+    );
     const upload = Number(uploadMatch[1] + uploadMatch[2]);
 
-    const downloadMatch = flowHeaders.match(/download=(-?)(\d+)/);
+    const downloadMatch = flowHeaders.match(
+        /download=([-+]?)([0-9]*\.?[0-9]+([eE][-+]?[0-9]+)?)/,
+    );
     const download = Number(downloadMatch[1] + downloadMatch[2]);
-
-    const total = Number(flowHeaders.match(/total=(\d+)/)[1]);
+    const totalMatch = flowHeaders.match(
+        /total=([-+]?)([0-9]*\.?[0-9]+([eE][-+]?[0-9]+)?)/,
+    );
+    const total = Number(totalMatch[1] + totalMatch[2]);
 
     // optional expire timestamp
-    const match = flowHeaders.match(/expire=(\d+)/);
-    const expires = match ? Number(match[1]) : undefined;
+    const expireMatch = flowHeaders.match(
+        /expire=([-+]?)([0-9]*\.?[0-9]+([eE][-+]?[0-9]+)?)/,
+    );
+    const expires = expireMatch
+        ? Number(expireMatch[1] + expireMatch[2])
+        : undefined;
 
     return { expires, total, usage: { upload, download } };
 }
 export function flowTransfer(flow, unit = 'B') {
-    const unitList = ['B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB'];
+    const unitList = ['B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'];
     let unitIndex = unitList.indexOf(unit);
 
-    return flow < 1024
+    return flow < 1024 || unitIndex === unitList.length - 1
         ? { value: flow.toFixed(1), unit: unit }
         : flowTransfer(flow / 1024, unitList[++unitIndex]);
 }
+
+export function validCheck(flow) {
+    if (!flow) {
+        throw new Error('没有流量信息');
+    }
+    if (flow?.expires && flow.expires * 1000 < Date.now()) {
+        const date = new Date(flow.expires * 1000).toLocaleDateString();
+        throw new Error(`订阅已过期: ${date}`);
+    }
+    if (flow?.total) {
+        const upload = flow.usage?.upload || 0;
+        const download = flow.usage?.download || 0;
+        if (flow.total - upload - download < 0) {
+            const current = upload + download;
+            const currT = flowTransfer(Math.abs(current));
+            currT.value = current < 0 ? '-' + currT.value : currT.value;
+            const totalT = flowTransfer(flow.total);
+            throw new Error(
+                `流量已用完: ${currT.value} ${currT.unit} / ${totalT.value} ${totalT.unit}`,
+            );
+        }
+    }
+}
+
+export function getRmainingDays(opt = {}) {
+    try {
+        let { resetDay, startDate, cycleDays } = opt;
+        if (['string', 'number'].includes(typeof opt)) {
+            resetDay = opt;
+        }
+
+        if (startDate && cycleDays) {
+            cycleDays = parseInt(cycleDays);
+            if (isNaN(cycleDays) || cycleDays <= 0)
+                throw new Error('重置周期应为正整数');
+            if (!startDate || !Date.parse(startDate))
+                throw new Error('开始日期不合法');
+
+            const start = new Date(startDate);
+            const today = new Date();
+            start.setHours(0, 0, 0, 0);
+            today.setHours(0, 0, 0, 0);
+            if (start.getTime() > today.getTime())
+                throw new Error('开始日期应早于现在');
+
+            let resetDate = new Date(startDate);
+            resetDate.setDate(resetDate.getDate() + cycleDays);
+
+            while (resetDate < today) {
+                resetDate.setDate(resetDate.getDate() + cycleDays);
+            }
+
+            resetDate.setHours(0, 0, 0, 0);
+            const timeDiff = resetDate.getTime() - today.getTime();
+            const daysDiff = Math.ceil(timeDiff / (1000 * 3600 * 24));
+
+            return daysDiff;
+        } else {
+            if (!resetDay) return;
+            resetDay = parseInt(resetDay);
+            if (isNaN(resetDay) || resetDay <= 0 || resetDay > 31)
+                throw new Error('月重置日应为 1-31 之间的整数');
+            let now = new Date();
+            let today = now.getDate();
+            let month = now.getMonth();
+            let year = now.getFullYear();
+            let daysInMonth;
+
+            if (resetDay > today) {
+                daysInMonth = 0;
+            } else {
+                daysInMonth = new Date(year, month + 1, 0).getDate();
+            }
+
+            return daysInMonth - today + resetDay;
+        }
+    } catch (e) {
+        $.error(`getRmainingDays failed: ${e.message ?? e}`);
+    }
+}

backend/src/utils/geo.js

@@ -1,3 +1,107 @@
+import $ from '@/core/app';
+
+const ISOFlags = {
+    '🏳️‍🌈': ['EXP', 'BAND'],
+    '🇸🇱': ['TEST', 'SOS'],
+    '🇦🇩': ['AD', 'AND'],
+    '🇦🇪': ['AE', 'ARE'],
+    '🇦🇫': ['AF', 'AFG'],
+    '🇦🇱': ['AL', 'ALB'],
+    '🇦🇲': ['AM', 'ARM'],
+    '🇦🇷': ['AR', 'ARG'],
+    '🇦🇹': ['AT', 'AUT'],
+    '🇦🇺': ['AU', 'AUS'],
+    '🇦🇿': ['AZ', 'AZE'],
+    '🇧🇦': ['BA', 'BIH'],
+    '🇧🇩': ['BD', 'BGD'],
+    '🇧🇪': ['BE', 'BEL'],
+    '🇧🇬': ['BG', 'BGR'],
+    '🇧🇭': ['BH', 'BHR'],
+    '🇧🇷': ['BR', 'BRA'],
+    '🇧🇾': ['BY', 'BLR'],
+    '🇨🇦': ['CA', 'CAN'],
+    '🇨🇭': ['CH', 'CHE'],
+    '🇨🇱': ['CL', 'CHL'],
+    '🇨🇴': ['CO', 'COL'],
+    '🇨🇷': ['CR', 'CRI'],
+    '🇨🇾': ['CY', 'CYP'],
+    '🇨🇿': ['CZ', 'CZE'],
+    '🇩🇪': ['DE', 'DEU'],
+    '🇩🇰': ['DK', 'DNK'],
+    '🇪🇨': ['EC', 'ECU'],
+    '🇪🇪': ['EE', 'EST'],
+    '🇪🇬': ['EG', 'EGY'],
+    '🇪🇸': ['ES', 'ESP'],
+    '🇪🇺': ['EU'],
+    '🇫🇮': ['FI', 'FIN'],
+    '🇫🇷': ['FR', 'FRA'],
+    '🇬🇧': ['GB', 'GBR', 'UK'],
+    '🇬🇪': ['GE', 'GEO'],
+    '🇬🇷': ['GR', 'GRC'],
+    '🇭🇰': ['HK', 'HKG', 'HKT', 'HKBN', 'HGC', 'WTT', 'CMI'],
+    '🇭🇷': ['HR', 'HRV'],
+    '🇭🇺': ['HU', 'HUN'],
+    '🇯🇴': ['JO', 'JOR'],
+    '🇯🇵': ['JP', 'JPN', 'TYO'],
+    '🇰🇪': ['KE', 'KEN'],
+    '🇰🇬': ['KG', 'KGZ'],
+    '🇰🇭': ['KH', 'KGZ'],
+    '🇰🇵': ['KP', 'PRK'],
+    '🇰🇷': ['KR', 'KOR', 'SEL'],
+    '🇰🇿': ['KZ', 'KAZ'],
+    '🇮🇩': ['ID', 'IDN'],
+    '🇮🇪': ['IE', 'IRL'],
+    '🇮🇱': ['IL', 'ISR'],
+    '🇮🇲': ['IM', 'IMN'],
+    '🇮🇳': ['IN', 'IND'],
+    '🇮🇷': ['IR', 'IRN'],
+    '🇮🇸': ['IS', 'ISL'],
+    '🇮🇹': ['IT', 'ITA'],
+    '🇱🇹': ['LT', 'LTU'],
+    '🇱🇺': ['LU', 'LUX'],
+    '🇱🇻': ['LV', 'LVA'],
+    '🇲🇦': ['MA', 'MAR'],
+    '🇲🇩': ['MD', 'MDA'],
+    '🇳🇬': ['NG', 'NGA'],
+    '🇲🇰': ['MK', 'MKD'],
+    '🇲🇳': ['MN', 'MNG'],
+    '🇲🇴': ['MO', 'MAC', 'CTM'],
+    '🇲🇹': ['MT', 'MLT'],
+    '🇲🇽': ['MX', 'MEX'],
+    '🇲🇾': ['MY', 'MYS'],
+    '🇳🇱': ['NL', 'NLD', 'AMS'],
+    '🇳🇴': ['NO', 'NOR'],
+    '🇳🇵': ['NP', 'NPL'],
+    '🇳🇿': ['NZ', 'NZL'],
+    '🇵🇦': ['PA', 'PAN'],
+    '🇵🇪': ['PE', 'PER'],
+    '🇵🇭': ['PH', 'PHL'],
+    '🇵🇰': ['PK', 'PAK'],
+    '🇵🇱': ['PL', 'POL'],
+    '🇵🇷': ['PR', 'PRI'],
+    '🇵🇹': ['PT', 'PRT'],
+    '🇵🇾': ['PY', 'PRY'],
+    '🇷🇴': ['RO', 'ROU'],
+    '🇷🇸': ['RS', 'SRB'],
+    '🇷🇪': ['RE', 'REU'],
+    '🇷🇺': ['RU', 'RUS'],
+    '🇸🇦': ['SA', 'SAU'],
+    '🇸🇪': ['SE', 'SWE'],
+    '🇸🇬': ['SG', 'SGP'],
+    '🇸🇮': ['SI', 'SVN'],
+    '🇸🇰': ['SK', 'SVK'],
+    '🇹🇭': ['TH', 'THA'],
+    '🇹🇳': ['TN', 'TUN'],
+    '🇹🇷': ['TR', 'TUR'],
+    '🇹🇼': ['TW', 'TWN', 'CHT', 'HINET', 'ROC'],
+    '🇺🇦': ['UA', 'UKR'],
+    '🇺🇸': ['US', 'USA', 'LAX', 'SFO', 'SJC'],
+    '🇺🇾': ['UY', 'URY'],
+    '🇻🇪': ['VE', 'VEN'],
+    '🇻🇳': ['VN', 'VNM'],
+    '🇿🇦': ['ZA', 'ZAF', 'JNB'],
+    '🇨🇳': ['CN', 'CHN', 'BACK'],
+};
 // get proxy flag according to its name
 export function getFlag(name) {
     // flags from @KOP-XIAO: https://github.com/KOP-XIAO/QuantumultX/blob/master/Scripts/resource-parser.js
@@ -65,6 +169,7 @@ export function getFlag(name) {
             '广德',
             '法兰克福',
             'Frankfurt',
+            '德意志',
         ],
         '🇩🇰': ['Denmark', '丹麦', '丹麥'],
         '🇪🇨': ['Ecuador', '厄瓜多尔'],
@@ -188,7 +293,7 @@ export function getFlag(name) {
             '沪俄',
             'Moscow',
         ],
-        '🇸🇦': ['Saudi', '沙特阿拉伯', '沙特'],
+        '🇸🇦': ['Saudi', '沙特阿拉伯', '沙特', 'Riyadh', '利雅得'],
         '🇸🇪': ['Sweden', '瑞典'],
         '🇸🇬': [
             'Singapore',
@@ -213,12 +318,18 @@ export function getFlag(name) {
         '🇹🇼': [
             'Taiwan',
             '台湾',
+            '臺灣',
+            '台灣',
+            '中華民國',
+            '中华民国',
             '台北',
             '台中',
             '新北',
             '彰化',
             '台',
+            '臺',
             'Taipei',
+            'Tai Wan',
         ],
         '🇺🇦': ['Ukraine', '乌克兰', '烏克蘭'],
         '🇺🇸': [
@@ -278,108 +389,6 @@ export function getFlag(name) {
         ],
     };
 
-    const ISOFlags = {
-        '🏳️‍🌈': ['EXP', 'BAND'],
-        '🇸🇱': ['TEST', 'SOS'],
-        '🇦🇩': ['AD', 'AND'],
-        '🇦🇪': ['AE', 'ARE'],
-        '🇦🇫': ['AF', 'AFG'],
-        '🇦🇱': ['AL', 'ALB'],
-        '🇦🇲': ['AM', 'ARM'],
-        '🇦🇷': ['AR', 'ARG'],
-        '🇦🇹': ['AT', 'AUT'],
-        '🇦🇺': ['AU', 'AUS'],
-        '🇦🇿': ['AZ', 'AZE'],
-        '🇧🇦': ['BA', 'BIH'],
-        '🇧🇩': ['BD', 'BGD'],
-        '🇧🇪': ['BE', 'BEL'],
-        '🇧🇬': ['BG', 'BGR'],
-        '🇧🇭': ['BH', 'BHR'],
-        '🇧🇷': ['BR', 'BRA'],
-        '🇧🇾': ['BY', 'BLR'],
-        '🇨🇦': ['CA', 'CAN'],
-        '🇨🇭': ['CH', 'CHE'],
-        '🇨🇱': ['CL', 'CHL'],
-        '🇨🇴': ['CO', 'COL'],
-        '🇨🇷': ['CR', 'CRI'],
-        '🇨🇾': ['CY', 'CYP'],
-        '🇨🇿': ['CZ', 'CZE'],
-        '🇩🇪': ['DE', 'DEU'],
-        '🇩🇰': ['DK', 'DNK'],
-        '🇪🇨': ['EC', 'ECU'],
-        '🇪🇪': ['EE', 'EST'],
-        '🇪🇬': ['EG', 'EGY'],
-        '🇪🇸': ['ES', 'ESP'],
-        '🇪🇺': ['EU'],
-        '🇫🇮': ['FI', 'FIN'],
-        '🇫🇷': ['FR', 'FRA'],
-        '🇬🇧': ['GB', 'GBR', 'UK'],
-        '🇬🇪': ['GE', 'GEO'],
-        '🇬🇷': ['GR', 'GRC'],
-        '🇭🇰': ['HK', 'HKG', 'HKT', 'HKBN', 'HGC', 'WTT', 'CMI'],
-        '🇭🇷': ['HR', 'HRV'],
-        '🇭🇺': ['HU', 'HUN'],
-        '🇯🇴': ['JO', 'JOR'],
-        '🇯🇵': ['JP', 'JPN'],
-        '🇰🇪': ['KE', 'KEN'],
-        '🇰🇬': ['KG', 'KGZ'],
-        '🇰🇭': ['KH', 'KGZ'],
-        '🇰🇵': ['KP', 'PRK'],
-        '🇰🇷': ['KR', 'KOR'],
-        '🇰🇿': ['KZ', 'KAZ'],
-        '🇮🇩': ['ID', 'IDN'],
-        '🇮🇪': ['IE', 'IRL'],
-        '🇮🇱': ['IL', 'ISR'],
-        '🇮🇲': ['IM', 'IMN'],
-        '🇮🇳': ['IN', 'IND'],
-        '🇮🇷': ['IR', 'IRN'],
-        '🇮🇸': ['IS', 'ISL'],
-        '🇮🇹': ['IT', 'ITA'],
-        '🇱🇹': ['LT', 'LTU'],
-        '🇱🇺': ['LU', 'LUX'],
-        '🇱🇻': ['LV', 'LVA'],
-        '🇲🇦': ['MA', 'MAR'],
-        '🇲🇩': ['MD', 'MDA'],
-        '🇳🇬': ['NG', 'NGA'],
-        '🇲🇰': ['MK', 'MKD'],
-        '🇲🇳': ['MN', 'MNG'],
-        '🇲🇴': ['MO', 'MAC', 'CTM'],
-        '🇲🇹': ['MT', 'MLT'],
-        '🇲🇽': ['MX', 'MEX'],
-        '🇲🇾': ['MY', 'MYS'],
-        '🇳🇱': ['NL', 'NLD'],
-        '🇳🇴': ['NO', 'NOR'],
-        '🇳🇵': ['NP', 'NPL'],
-        '🇳🇿': ['NZ', 'NZL'],
-        '🇵🇦': ['PA', 'PAN'],
-        '🇵🇪': ['PE', 'PER'],
-        '🇵🇭': ['PH', 'PHL'],
-        '🇵🇰': ['PK', 'PAK'],
-        '🇵🇱': ['PL', 'POL'],
-        '🇵🇷': ['PR', 'PRI'],
-        '🇵🇹': ['PT', 'PRT'],
-        '🇵🇾': ['PY', 'PRY'],
-        '🇷🇴': ['RO', 'ROU'],
-        '🇷🇸': ['RS', 'SRB'],
-        '🇷🇪': ['RE', 'REU'],
-        '🇷🇺': ['RU', 'RUS'],
-        '🇸🇦': ['SA', 'SAU'],
-        '🇸🇪': ['SE', 'SWE'],
-        '🇸🇬': ['SG', 'SGP'],
-        '🇸🇮': ['SI', 'SVN'],
-        '🇸🇰': ['SK', 'SVK'],
-        '🇹🇭': ['TH', 'THA'],
-        '🇹🇳': ['TN', 'TUN'],
-        '🇹🇷': ['TR', 'TUR'],
-        '🇹🇼': ['TW', 'TWN', 'CHT', 'HINET'],
-        '🇺🇦': ['UA', 'UKR'],
-        '🇺🇸': ['US', 'USA', 'LAX', 'SFO'],
-        '🇺🇾': ['UY', 'URY'],
-        '🇻🇪': ['VE', 'VEN'],
-        '🇻🇳': ['VN', 'VNM'],
-        '🇿🇦': ['ZA', 'ZAF'],
-        '🇨🇳': ['CN', 'CHN', 'BACK'],
-    };
     // 原旗帜或空
     let Flag =
         name.match(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]/)?.[0] ||
@@ -393,7 +402,9 @@ export function getFlag(name) {
             // 不精确匹配（只要包含就算,忽略大小写)
             keywords.some((keyword) => RegExp(`${keyword}`, 'i').test(name))
         ) {
-            //console.log(`newFlag = ${flag}`)
+            if (/内蒙古/.test(name) && ['🇲🇳'].includes(flag)) {
+                return (Flag = '🇨🇳');
+            }
             return (Flag = flag);
         }
     }
@@ -411,6 +422,56 @@ export function getFlag(name) {
             return (Flag = flag);
         }
     }
+
     //console.log(`Final Flag = ${Flag}`)
     return Flag;
 }
+
+export function getISO(name) {
+    return ISOFlags[getFlag(name)]?.[0];
+}
+
+// remove flag
+export function removeFlag(str) {
+    return str
+        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]|🏴‍☠️|🏳️‍🌈/g, '')
+        .trim();
+}
+
+export class MMDB {
+    constructor({ country, asn } = {}) {
+        if ($.env.isNode) {
+            const Reader = eval(`require("@maxmind/geoip2-node")`).Reader;
+            const fs = eval("require('fs')");
+            const countryFile =
+                country || eval('process.env.SUB_STORE_MMDB_COUNTRY_PATH');
+            const asnFile = asn || eval('process.env.SUB_STORE_MMDB_ASN_PATH');
+            // $.info(
+            //     `GeoLite2 Country MMDB: ${countryFile}, exists: ${fs.existsSync(
+            //         countryFile,
+            //     )}`,
+            // );
+            if (countryFile) {
+                this.countryReader = Reader.openBuffer(
+                    fs.readFileSync(countryFile),
+                );
+            }
+            // $.info(
+            //     `GeoLite2 ASN MMDB: ${asnFile}, exists: ${fs.existsSync(
+            //         asnFile,
+            //     )}`,
+            // );
+            if (asnFile) {
+                if (!fs.existsSync(asnFile))
+                    throw new Error('GeoLite2 ASN MMDB does not exist');
+                this.asnReader = Reader.openBuffer(fs.readFileSync(asnFile));
+            }
+        }
+    }
+    geoip(ip) {
+        return this.countryReader?.country(ip)?.country?.isoCode;
+    }
+    ipaso(ip) {
+        return this.asnReader?.asn(ip)?.autonomousSystemOrganization;
+    }
+}

backend/src/utils/gist.js

@@ -1,84 +1,283 @@
-import { HTTP } from '@/vendor/open-api';
+import { HTTP, ENV } from '@/vendor/open-api';
+import { getPolicyDescriptor } from '@/utils';
+import $ from '@/core/app';
+import { SETTINGS_KEY } from '@/constants';
 
 /**
  * Gist backup
  */
 export default class Gist {
-    constructor({ token, key }) {
-        this.http = HTTP({
-            baseURL: 'https://api.github.com',
-            headers: {
+    constructor({ token, key, syncPlatform }) {
+        const { isStash, isLoon, isShadowRocket, isQX } = ENV();
+        const { defaultProxy, defaultTimeout: timeout } = $.read(SETTINGS_KEY);
+        let proxy = defaultProxy;
+        if ($.env.isNode) {
+            proxy =
+                proxy || eval('process.env.SUB_STORE_BACKEND_DEFAULT_PROXY');
+        }
+
+        if (syncPlatform === 'gitlab') {
+            this.headers = {
+                'PRIVATE-TOKEN': `${token}`,
+                'User-Agent':
+                    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.141 Safari/537.36',
+            };
+            this.http = HTTP({
+                baseURL: 'https://gitlab.com/api/v4',
+                headers: {
+                    ...this.headers,
+                    ...(isStash && proxy
+                        ? {
+                              'X-Stash-Selected-Proxy':
+                                  encodeURIComponent(proxy),
+                          }
+                        : {}),
+                    ...(isShadowRocket && proxy
+                        ? { 'X-Surge-Policy': proxy }
+                        : {}),
+                },
+
+                ...(proxy ? { proxy } : {}),
+                ...(isLoon && proxy ? { node: proxy } : {}),
+                ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                timeout,
+
+                events: {
+                    onResponse: (resp) => {
+                        if (/^[45]/.test(String(resp.statusCode))) {
+                            const body = JSON.parse(resp.body);
+                            return Promise.reject(
+                                `ERROR: ${body.message?.error ?? body.message}`,
+                            );
+                        } else {
+                            return resp;
+                        }
+                    },
+                },
+            });
+        } else {
+            this.headers = {
                 Authorization: `token ${token}`,
                 'User-Agent':
                     'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.141 Safari/537.36',
-            },
-            events: {
-                onResponse: (resp) => {
-                    if (/^[45]/.test(String(resp.statusCode))) {
-                        return Promise.reject(
-                            `ERROR: ${JSON.parse(resp.body).message}`,
-                        );
-                    } else {
-                        return resp;
-                    }
+            };
+            this.http = HTTP({
+                baseURL: 'https://api.github.com',
+                headers: {
+                    ...this.headers,
+                    ...(isStash && proxy
+                        ? {
+                              'X-Stash-Selected-Proxy':
+                                  encodeURIComponent(proxy),
+                          }
+                        : {}),
+                    ...(isShadowRocket && proxy
+                        ? { 'X-Surge-Policy': proxy }
+                        : {}),
                 },
-            },
-        });
+
+                ...(proxy ? { proxy } : {}),
+                ...(isLoon && proxy ? { node: proxy } : {}),
+                ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                timeout,
+
+                events: {
+                    onResponse: (resp) => {
+                        if (/^[45]/.test(String(resp.statusCode))) {
+                            return Promise.reject(
+                                `ERROR: ${JSON.parse(resp.body).message}`,
+                            );
+                        } else {
+                            return resp;
+                        }
+                    },
+                },
+            });
+        }
+
         this.key = key;
+        this.syncPlatform = syncPlatform;
     }
 
     async locate() {
-        return this.http.get('/gists').then((response) => {
-            const gists = JSON.parse(response.body);
-            for (let g of gists) {
-                if (g.description === this.key) {
-                    return g.id;
+        if (this.syncPlatform === 'gitlab') {
+            return this.http.get('/snippets').then((response) => {
+                const gists = JSON.parse(response.body);
+
+                for (let g of gists) {
+                    if (g.title === this.key) {
+                        return g;
+                    }
                 }
-            }
-            return -1;
-        });
+                return;
+            });
+        } else {
+            return this.http.get('/gists').then((response) => {
+                const gists = JSON.parse(response.body);
+                for (let g of gists) {
+                    if (g.description === this.key) {
+                        return g;
+                    }
+                }
+                return;
+            });
+        }
     }
 
-    async upload(files) {
-        if (Object.keys(files).length === 0) {
+    async upload(input) {
+        if (Object.keys(input).length === 0) {
             return Promise.reject('未提供需上传的文件');
         }
 
-        const id = await this.locate();
+        const gist = await this.locate();
 
-        if (id === -1) {
-            // create a new gist for backup
-            return this.http.post({
-                url: '/gists',
-                body: JSON.stringify({
-                    description: this.key,
-                    public: false,
-                    files,
-                }),
+        let files = input;
+
+        if (gist?.id) {
+            if (this.syncPlatform === 'gitlab') {
+                gist.files = gist.files.reduce((acc, item) => {
+                    acc[item.path] = item;
+                    return acc;
+                }, {});
+            }
+            // console.log(`files`, files);
+            // console.log(`gist`, gist.files);
+            let actions = [];
+            const result = { ...gist.files };
+            Object.keys(files).map((key) => {
+                if (result[key]) {
+                    if (
+                        files[key].content == null ||
+                        files[key].content === ''
+                    ) {
+                        delete result[key];
+                        actions.push({
+                            action: 'delete',
+                            file_path: key,
+                        });
+                    } else {
+                        result[key] = files[key];
+                        actions.push({
+                            action: 'update',
+                            file_path: key,
+                            content: files[key].content,
+                        });
+                    }
+                } else {
+                    if (
+                        files[key].content == null ||
+                        files[key].content === ''
+                    ) {
+                        delete result[key];
+                        delete files[key];
+                    } else {
+                        result[key] = files[key];
+                        actions.push({
+                            action: 'create',
+                            file_path: key,
+                            content: files[key].content,
+                        });
+                    }
+                }
             });
+            // console.log(`result`, result);
+            // console.log(`files`, files);
+            // console.log(`actions`, actions);
+
+            if (this.syncPlatform === 'gitlab') {
+                if (Object.keys(result).length === 0) {
+                    return Promise.reject(
+                        '本次操作将导致所有文件的内容都为空, 无法更新 snippet',
+                    );
+                }
+                if (Object.keys(result).length > 10) {
+                    return Promise.reject(
+                        '本次操作将导致 snippet 的文件数超过 10, 无法更新 snippet',
+                    );
+                }
+                files = actions;
+                return this.http.put({
+                    headers: {
+                        ...this.headers,
+                        'Content-Type': 'application/json',
+                    },
+                    url: `/snippets/${gist.id}`,
+                    body: JSON.stringify({ files }),
+                });
+            } else {
+                if (Object.keys(result).length === 0) {
+                    return Promise.reject(
+                        '本次操作将导致所有文件的内容都为空, 无法更新 gist',
+                    );
+                }
+                return this.http.patch({
+                    url: `/gists/${gist.id}`,
+                    body: JSON.stringify({ files }),
+                });
+            }
         } else {
-            // update an existing gist
-            return this.http.patch({
-                url: `/gists/${id}`,
-                body: JSON.stringify({ files }),
-            });
+            files = Object.entries(files).reduce((acc, [key, file]) => {
+                if (file.content !== null && file.content !== '') {
+                    acc[key] = file;
+                }
+                return acc;
+            }, {});
+            if (this.syncPlatform === 'gitlab') {
+                if (Object.keys(files).length === 0) {
+                    return Promise.reject(
+                        '所有文件的内容都为空, 无法创建 snippet',
+                    );
+                }
+                files = Object.keys(files).map((key) => ({
+                    file_path: key,
+                    content: files[key].content,
+                }));
+                return this.http.post({
+                    headers: {
+                        ...this.headers,
+                        'Content-Type': 'application/json',
+                    },
+                    url: '/snippets',
+                    body: JSON.stringify({
+                        title: this.key,
+                        visibility: 'private',
+                        files,
+                    }),
+                });
+            } else {
+                if (Object.keys(files).length === 0) {
+                    return Promise.reject(
+                        '所有文件的内容都为空, 无法创建 gist',
+                    );
+                }
+                return this.http.post({
+                    url: '/gists',
+                    body: JSON.stringify({
+                        description: this.key,
+                        public: false,
+                        files,
+                    }),
+                });
+            }
         }
     }
 
     async download(filename) {
-        const id = await this.locate();
-        if (id === -1) {
-            return Promise.reject('未找到Gist备份！');
-        } else {
+        const gist = await this.locate();
+        if (gist?.id) {
             try {
                 const { files } = await this.http
-                    .get(`/gists/${id}`)
+                    .get(`/gists/${gist.id}`)
                     .then((resp) => JSON.parse(resp.body));
                 const url = files[filename].raw_url;
                 return await this.http.get(url).then((resp) => resp.body);
             } catch (err) {
                 return Promise.reject(err);
             }
+        } else {
+            return Promise.reject('找不到 Sub-Store Gist');
         }
     }
 }

backend/src/utils/headers-resource-cache.js

@@ -0,0 +1,117 @@
+import $ from '@/core/app';
+import {
+    HEADERS_RESOURCE_CACHE_KEY,
+    CHR_EXPIRATION_TIME_KEY,
+} from '@/constants';
+
+class ResourceCache {
+    constructor() {
+        this.expires = getExpiredTime();
+        if (!$.read(HEADERS_RESOURCE_CACHE_KEY)) {
+            $.write('{}', HEADERS_RESOURCE_CACHE_KEY);
+        }
+        try {
+            this.resourceCache = JSON.parse($.read(HEADERS_RESOURCE_CACHE_KEY));
+        } catch (e) {
+            $.error(
+                `解析持久化缓存中的 ${HEADERS_RESOURCE_CACHE_KEY} 失败, 重置为 {}, 错误: ${
+                    e?.message ?? e
+                }`,
+            );
+            this.resourceCache = {};
+            $.write('{}', HEADERS_RESOURCE_CACHE_KEY);
+        }
+        this._cleanup();
+    }
+
+    _cleanup() {
+        // clear obsolete cached resource
+        let clear = false;
+        Object.entries(this.resourceCache).forEach((entry) => {
+            const [id, updated] = entry;
+            if (!updated.time) {
+                // clear old version cache
+                delete this.resourceCache[id];
+                $.delete(`#${id}`);
+                clear = true;
+            }
+            if (new Date().getTime() - updated.time > this.expires) {
+                delete this.resourceCache[id];
+                clear = true;
+            }
+        });
+        if (clear) this._persist();
+    }
+
+    revokeAll() {
+        this.resourceCache = {};
+        this._persist();
+    }
+
+    _persist() {
+        $.write(JSON.stringify(this.resourceCache), HEADERS_RESOURCE_CACHE_KEY);
+    }
+
+    get(id) {
+        const updated = this.resourceCache[id] && this.resourceCache[id].time;
+        if (updated && new Date().getTime() - updated <= this.expires) {
+            return this.resourceCache[id].data;
+        }
+        return null;
+    }
+
+    gettime(id) {
+        const updated = this.resourceCache[id] && this.resourceCache[id].time;
+        if (updated && new Date().getTime() - updated <= this.expires) {
+            return this.resourceCache[id].time;
+        }
+        return null;
+    }
+
+    set(id, value) {
+        this.resourceCache[id] = { time: new Date().getTime(), data: value };
+        this._persist();
+    }
+}
+
+function getExpiredTime() {
+    // console.log($.read(CHR_EXPIRATION_TIME_KEY));
+    if (!$.read(CHR_EXPIRATION_TIME_KEY)) {
+        $.write('6e4', CHR_EXPIRATION_TIME_KEY); // 1分钟
+    }
+    let expiration = 6e4;
+    if ($.env.isLoon) {
+        const loont = {
+            // Loon 插件自义定
+            '1\u5206\u949f': 6e4,
+            '5\u5206\u949f': 3e5,
+            '10\u5206\u949f': 6e5,
+            '30\u5206\u949f': 18e5, // "30分钟"
+            '1\u5c0f\u65f6': 36e5,
+            '2\u5c0f\u65f6': 72e5,
+            '3\u5c0f\u65f6': 108e5,
+            '6\u5c0f\u65f6': 216e5,
+            '12\u5c0f\u65f6': 432e5,
+            '24\u5c0f\u65f6': 864e5,
+            '48\u5c0f\u65f6': 1728e5,
+            '72\u5c0f\u65f6': 2592e5, // "72小时"
+            '\u53c2\u6570\u4f20\u5165': 'readcachets', // "参数输入"
+        };
+        let intimed = $.read(
+            '#\u54cd\u5e94\u5934\u7f13\u5b58\u6709\u6548\u671f',
+        ); // Loon #响应头缓存有效期
+        // console.log(intimed);
+        if (intimed in loont) {
+            expiration = loont[intimed];
+            if (expiration === 'readcachets') {
+                expiration = intimed;
+            }
+        }
+        return expiration;
+    } else {
+        expiration = $.read(CHR_EXPIRATION_TIME_KEY);
+        return expiration;
+    }
+}
+
+export default new ResourceCache();

backend/src/utils/index.js

@@ -1,3 +1,4 @@
+import * as ipAddress from 'ip-address';
 // source: https://stackoverflow.com/a/36760050
 const IPV4_REGEX = /^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}$/;
 
@@ -13,6 +14,12 @@ function isIPv6(ip) {
     return IPV6_REGEX.test(ip);
 }
 
+function isValidPortNumber(port) {
+    return /^((6553[0-5])|(655[0-2][0-9])|(65[0-4][0-9]{2})|(6[0-4][0-9]{3})|([1-5][0-9]{4})|([0-5]{0,5})|([0-9]{1,4}))$/.test(
+        port,
+    );
+}
+
 function isNotBlank(str) {
     return typeof str === 'string' && str.trim().length > 0;
 }
@@ -29,4 +36,98 @@ function getIfPresent(obj, defaultValue) {
     return isPresent(obj) ? obj : defaultValue;
 }
 
-export { isIPv4, isIPv6, isNotBlank, getIfNotBlank, isPresent, getIfPresent };
+function getPolicyDescriptor(str) {
+    if (!str) return {};
+    return /^.+?\s*?=\s*?.+?\s*?,.+?/.test(str)
+        ? {
+              'policy-descriptor': str,
+          }
+        : {
+              policy: str,
+          };
+}
+
+// const utf8ArrayToStr =
+//     typeof TextDecoder !== 'undefined'
+//         ? (v) => new TextDecoder().decode(new Uint8Array(v))
+//         : (function () {
+//               var charCache = new Array(128); // Preallocate the cache for the common single byte chars
+//               var charFromCodePt = String.fromCodePoint || String.fromCharCode;
+//               var result = [];
+
+//               return function (array) {
+//                   var codePt, byte1;
+//                   var buffLen = array.length;
+
+//                   result.length = 0;
+
+//                   for (var i = 0; i < buffLen; ) {
+//                       byte1 = array[i++];
+
+//                       if (byte1 <= 0x7f) {
+//                           codePt = byte1;
+//                       } else if (byte1 <= 0xdf) {
+//                           codePt = ((byte1 & 0x1f) << 6) | (array[i++] & 0x3f);
+//                       } else if (byte1 <= 0xef) {
+//                           codePt =
+//                               ((byte1 & 0x0f) << 12) |
+//                               ((array[i++] & 0x3f) << 6) |
+//                               (array[i++] & 0x3f);
+//                       } else if (String.fromCodePoint) {
+//                           codePt =
+//                               ((byte1 & 0x07) << 18) |
+//                               ((array[i++] & 0x3f) << 12) |
+//                               ((array[i++] & 0x3f) << 6) |
+//                               (array[i++] & 0x3f);
+//                       } else {
+//                           codePt = 63; // Cannot convert four byte code points, so use "?" instead
+//                           i += 3;
+//                       }
+
+//                       result.push(
+//                           charCache[codePt] ||
+//                               (charCache[codePt] = charFromCodePt(codePt)),
+//                       );
+//                   }
+
+//                   return result.join('');
+//               };
+//           })();
+
+function getRandomInt(min, max) {
+    min = Math.ceil(min);
+    max = Math.floor(max);
+    return Math.floor(Math.random() * (max - min + 1)) + min;
+}
+
+function getRandomPort(portString) {
+    let portParts = portString.split(/,|\//);
+    let randomPart = portParts[Math.floor(Math.random() * portParts.length)];
+    if (randomPart.includes('-')) {
+        let [min, max] = randomPart.split('-').map(Number);
+        return getRandomInt(min, max);
+    } else {
+        return Number(randomPart);
+    }
+}
+
+function numberToString(value) {
+    return Number.isSafeInteger(value)
+        ? String(value)
+        : BigInt(value).toString();
+}
+
+export {
+    ipAddress,
+    isIPv4,
+    isIPv6,
+    isValidPortNumber,
+    isNotBlank,
+    getIfNotBlank,
+    isPresent,
+    getIfPresent,
+    // utf8ArrayToStr,
+    getPolicyDescriptor,
+    getRandomPort,
+    numberToString,
+};

backend/src/utils/resource-cache.js

@@ -7,7 +7,17 @@ class ResourceCache {
         if (!$.read(RESOURCE_CACHE_KEY)) {
             $.write('{}', RESOURCE_CACHE_KEY);
         }
-        this.resourceCache = JSON.parse($.read(RESOURCE_CACHE_KEY));
+        try {
+            this.resourceCache = JSON.parse($.read(RESOURCE_CACHE_KEY));
+        } catch (e) {
+            $.error(
+                `解析持久化缓存中的 ${RESOURCE_CACHE_KEY} 失败, 重置为 {}, 错误: ${
+                    e?.message ?? e
+                }`,
+            );
+            this.resourceCache = {};
+            $.write('{}', RESOURCE_CACHE_KEY);
+        }
         this._cleanup();
     }
 

backend/src/utils/rs.js

@@ -0,0 +1,11 @@
+import rs from 'jsrsasign';
+
+export function generateFingerprint(caStr) {
+    const hex = rs.pemtohex(caStr);
+    const fingerPrint = rs.KJUR.crypto.Util.hashHex(hex, 'sha256');
+    return fingerPrint.match(/.{2}/g).join(':').toUpperCase();
+}
+
+export default {
+    generateFingerprint,
+};

backend/src/utils/script-resource-cache.js

@@ -10,7 +10,17 @@ class ResourceCache {
         if (!$.read(SCRIPT_RESOURCE_CACHE_KEY)) {
             $.write('{}', SCRIPT_RESOURCE_CACHE_KEY);
         }
-        this.resourceCache = JSON.parse($.read(SCRIPT_RESOURCE_CACHE_KEY));
+        try {
+            this.resourceCache = JSON.parse($.read(SCRIPT_RESOURCE_CACHE_KEY));
+        } catch (e) {
+            $.error(
+                `解析持久化缓存中的 ${SCRIPT_RESOURCE_CACHE_KEY} 失败, 重置为 {}, 错误: ${
+                    e?.message ?? e
+                }`,
+            );
+            this.resourceCache = {};
+            $.write('{}', SCRIPT_RESOURCE_CACHE_KEY);
+        }
         this._cleanup();
     }
 

backend/src/utils/user-agent.js

@@ -1,4 +1,4 @@
-export function getPlatformFromHeaders(headers) {
+export function getUserAgentFromHeaders(headers) {
     const keys = Object.keys(headers);
     let UA = '';
     let ua = '';
@@ -9,8 +9,13 @@ export function getPlatformFromHeaders(headers) {
             break;
         }
     }
+    return { UA, ua };
+}
+export function getPlatformFromUserAgent({ ua, UA }) {
     if (UA.indexOf('Quantumult%20X') !== -1) {
         return 'QX';
+    } else if (UA.indexOf('Surfboard') !== -1) {
+        return 'Surfboard';
     } else if (UA.indexOf('Surge Mac') !== -1) {
         return 'SurgeMac';
     } else if (UA.indexOf('Surge') !== -1) {
@@ -18,19 +23,27 @@ export function getPlatformFromHeaders(headers) {
     } else if (UA.indexOf('Decar') !== -1 || UA.indexOf('Loon') !== -1) {
         return 'Loon';
     } else if (UA.indexOf('Shadowrocket') !== -1) {
-        return 'ShadowRocket';
+        return 'Shadowrocket';
     } else if (UA.indexOf('Stash') !== -1) {
         return 'Stash';
     } else if (
         ua === 'meta' ||
-        (ua.indexOf('clash') !== -1 && ua.indexOf('meta') !== -1)
+        (ua.indexOf('clash') !== -1 && ua.indexOf('meta') !== -1) ||
+        ua.indexOf('clash-verge') !== -1 ||
+        ua.indexOf('flclash') !== -1
     ) {
         return 'ClashMeta';
     } else if (ua.indexOf('clash') !== -1) {
         return 'Clash';
     } else if (ua.indexOf('v2ray') !== -1) {
         return 'V2Ray';
+    } else if (ua.indexOf('sing-box') !== -1) {
+        return 'sing-box';
     } else {
         return 'JSON';
     }
 }
+export function getPlatformFromHeaders(headers) {
+    const { UA, ua } = getUserAgentFromHeaders(headers);
+    return getPlatformFromUserAgent({ ua, UA });
+}

backend/src/utils/yaml.js

@@ -0,0 +1,37 @@
+import YAML from 'static-js-yaml';
+
+function retry(fn, content, ...args) {
+    try {
+        return fn(content, ...args);
+    } catch (e) {
+        return fn(
+            dump(
+                fn(
+                    content.replace(/!<str>\s*/g, '__SubStoreJSYAMLString__'),
+                    ...args,
+                ),
+            ).replace(/__SubStoreJSYAMLString__/g, ''),
+            ...args,
+        );
+    }
+}
+
+export function safeLoad(content, ...args) {
+    return retry(YAML.safeLoad, JSON.parse(JSON.stringify(content)), ...args);
+}
+export function load(content, ...args) {
+    return retry(YAML.load, JSON.parse(JSON.stringify(content)), ...args);
+}
+export function safeDump(content, ...args) {
+    return YAML.safeDump(JSON.parse(JSON.stringify(content)), ...args);
+}
+export function dump(content, ...args) {
+    return YAML.dump(JSON.parse(JSON.stringify(content)), ...args);
+}
+
+export default {
+    safeLoad,
+    load,
+    safeDump,
+    dump,
+};

backend/src/vendor/express.js

@@ -161,7 +161,7 @@ export default function express({ substore: $, port, host }) {
 
     function Response() {
         let statusCode = 200;
-        const { isQX, isLoon, isSurge } = ENV();
+        const { isQX, isLoon, isSurge, isGUIforCores } = ENV();
         const headers = DEFAULT_HEADERS;
         const STATUS_CODE_MAP = {
             200: 'HTTP/1.1 200 OK',
@@ -184,7 +184,7 @@ export default function express({ substore: $, port, host }) {
                     body,
                     headers,
                 };
-                if (isQX) {
+                if (isQX || isGUIforCores) {
                     $done(response);
                 } else if (isLoon || isSurge) {
                     $done({

backend/src/vendor/open-api.js

@@ -6,6 +6,9 @@ const isNode = eval(`typeof process !== "undefined"`); // eval is needed in orde
 const isStash =
     'undefined' !== typeof $environment && $environment['stash-version'];
 const isShadowRocket = 'undefined' !== typeof $rocket;
+const isEgern = 'object' == typeof egern;
+const isLanceX = 'undefined' != typeof $native;
+const isGUIforCores = typeof $Plugins !== 'undefined';
 
 export class OpenAPI {
     constructor(name = 'untitled', debug = false) {
@@ -46,7 +49,10 @@ export class OpenAPI {
             this.cache = JSON.parse($prefs.valueForKey(this.name) || '{}');
         if (isLoon || isSurge)
             this.cache = JSON.parse($persistentStore.read(this.name) || '{}');
-
+        if (isGUIforCores)
+            this.cache = JSON.parse(
+                $Plugins.SubStoreCache.get(this.name) || '{}',
+            );
         if (isNode) {
             // create a json for root cache
             const basePath =
@@ -84,6 +90,7 @@ export class OpenAPI {
         const data = JSON.stringify(this.cache, null, 2);
         if (isQX) $prefs.setValueForKey(data, this.name);
         if (isLoon || isSurge) $persistentStore.write(data, this.name);
+        if (isGUIforCores) $Plugins.SubStoreCache.set(this.name, data);
         if (isNode) {
             const basePath =
                 eval('process.env.SUB_STORE_DATA_BASE_PATH') || '.';
@@ -116,6 +123,9 @@ export class OpenAPI {
             if (isNode) {
                 this.root[key] = data;
             }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.set(key, data);
+            }
         } else {
             this.cache[key] = data;
         }
@@ -135,6 +145,9 @@ export class OpenAPI {
             if (isNode) {
                 return this.root[key];
             }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.get(key);
+            }
         } else {
             return this.cache[key];
         }
@@ -153,6 +166,9 @@ export class OpenAPI {
             if (isNode) {
                 delete this.root[key];
             }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.remove(key);
+            }
         } else {
             delete this.cache[key];
         }
@@ -191,6 +207,35 @@ export class OpenAPI {
                 (openURL ? `\n点击跳转: ${openURL}` : '') +
                 (mediaURL ? `\n多媒体: ${mediaURL}` : '');
             console.log(`${title}\n${subtitle}\n${content_}\n\n`);
+
+            let push = eval('process.env.SUB_STORE_PUSH_SERVICE');
+            if (push) {
+                const url = push
+                    .replace(
+                        '[推送标题]',
+                        encodeURIComponent(title || 'Sub-Store'),
+                    )
+                    .replace(
+                        '[推送内容]',
+                        encodeURIComponent(
+                            [subtitle, content_].map((i) => i).join('\n'),
+                        ),
+                    );
+                const $http = HTTP();
+                $http
+                    .get({ url })
+                    .then((resp) => {
+                        console.log(
+                            `[Push Service] URL: ${url}\nRES: ${resp.statusCode} ${resp.body}`,
+                        );
+                    })
+                    .catch((e) => {
+                        console.log(`[Push Service] URL: ${url}\nERROR: ${e}`);
+                    });
+            }
+        }
+        if (isGUIforCores) {
+            $Plugins.Notify(title, subtitle + '\n' + content);
         }
     }
 
@@ -212,7 +257,7 @@ export class OpenAPI {
     }
 
     done(value = {}) {
-        if (isQX || isLoon || isSurge) {
+        if (isQX || isLoon || isSurge || isGUIforCores) {
             $done(value);
         } else if (isNode) {
             if (typeof $context !== 'undefined') {
@@ -225,11 +270,21 @@ export class OpenAPI {
 }
 
 export function ENV() {
-    return { isQX, isLoon, isSurge, isNode, isStash, isShadowRocket };
+    return {
+        isQX,
+        isLoon,
+        isSurge,
+        isNode,
+        isStash,
+        isShadowRocket,
+        isEgern,
+        isLanceX,
+        isGUIforCores,
+    };
 }
 
 export function HTTP(defaultOptions = { baseURL: '' }) {
-    const { isQX, isLoon, isSurge, isNode } = ENV();
+    const { isQX, isLoon, isSurge, isNode, isGUIforCores } = ENV();
     const methods = [
         'GET',
         'POST',
@@ -279,31 +334,80 @@ export function HTTP(defaultOptions = { baseURL: '' }) {
                 url: options.url,
                 headers: options.headers,
                 body: options.body,
+                opts: options.opts,
             });
         } else if (isLoon || isSurge || isNode) {
             worker = new Promise((resolve, reject) => {
                 const request = isNode
                     ? eval("require('request')")
                     : $httpClient;
-                request[method.toLowerCase()](
-                    options,
-                    (err, response, body) => {
-                        if (err) reject(err);
-                        else
-                            resolve({
-                                statusCode:
-                                    response.status || response.statusCode,
-                                headers: response.headers,
-                                body,
-                            });
-                    },
-                );
+                const body = options.body;
+                const opts = JSON.parse(JSON.stringify(options));
+                opts.body = body;
+
+                if (!isNode && opts.timeout) {
+                    opts.timeout++;
+                    let unit = 'ms';
+                    // 这些客户端单位为 s
+                    if (isSurge || isStash || isShadowRocket) {
+                        opts.timeout = Math.ceil(opts.timeout / 1000);
+                        unit = 's';
+                    }
+                    // Loon 为 ms
+                    // console.log(`[httpClient timeout] ${opts.timeout}${unit}`);
+                }
+                request[method.toLowerCase()](opts, (err, response, body) => {
+                    // if (err) {
+                    //     console.log(err);
+                    // } else {
+                    //     console.log({
+                    //         statusCode:
+                    //             response.status || response.statusCode,
+                    //         headers: response.headers,
+                    //         body,
+                    //     });
+                    // }
+
+                    if (err) reject(err);
+                    else
+                        resolve({
+                            statusCode: response.status || response.statusCode,
+                            headers: response.headers,
+                            body,
+                        });
+                });
+            });
+        } else if (isGUIforCores) {
+            worker = new Promise(async (resolve, reject) => {
+                try {
+                    const response = await $Plugins.Requests({
+                        method,
+                        url: options.url,
+                        headers: options.headers,
+                        body: options.body,
+                        options: {
+                            Proxy: options.proxy,
+                            Timeout: options.timeout
+                                ? options.timeout / 1000
+                                : 15,
+                        },
+                    });
+                    resolve({
+                        statusCode: response.status,
+                        headers: response.headers,
+                        body: response.body,
+                    });
+                } catch (error) {
+                    reject(error);
+                }
             });
         }
 
         let timeoutid;
+
         const timer = timeout
             ? new Promise((_, reject) => {
+                  //   console.log(`[request timeout] ${timeout}ms`);
                   timeoutid = setTimeout(() => {
                       events.onTimeout();
                       return reject(

config/Egern.yaml

@@ -0,0 +1,37 @@
+name: Sub-Store
+description: "支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *"
+compat_arguments:
+  ability: http-client-policy
+  cronexp: 55 23 * * *
+  sync: '"Sub-Store Sync"'
+  timeout: "120"
+  engine: auto
+  produce: '"# Sub-Store Produce"'
+  produce_cronexp: 50 */6 * * *
+  produce_sub: '"sub1,sub2"'
+  produce_col: '"col1,col2"'
+compat_arguments_desc: '\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 ''同步'' 或 ''同步配置''\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅'
+scriptings:
+  - http_request:
+      name: Sub-Store Core
+      match: ^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info)))
+      script_url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js
+      body_required: true
+  - http_request:
+      name: Sub-Store Simple
+      match: ^https?:\/\/sub\.store
+      script_url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js
+      body_required: true
+  - schedule:
+      name: "{{{sync}}}"
+      cron: "{{{cronexp}}}"
+      script_url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js
+  - schedule:
+      name: "{{{produce}}}"
+      cron: "{{{produce_cronexp}}}"
+      script_url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js
+      arguments:
+        _compat.$argument: '"sub={{{produce_sub}}}&col={{{produce_col}}}"'
+mitm:
+  hostnames:
+    - sub.store

config/Loon.plugin

@@ -1,10 +1,11 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具
+#!desc=高级订阅管理工具. 定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
 #!openUrl=https://sub.store
 #!author=Peng-YM
 #!homepage=https://github.com/sub-store-org/Sub-Store
 #!icon=https://raw.githubusercontent.com/58xinian/icon/master/Sub-Store1.png
 #!select = 节点缓存有效期,1分钟,5分钟,10分钟,30分钟,1小时,2小时,3小时,6小时,12小时,24小时,48小时,72小时,参数传入
+#!select = 响应头缓存有效期,1分钟,5分钟,10分钟,30分钟,1小时,2小时,3小时,6小时,12小时,24小时,48小时,72小时,参数传入
 
 [Rule]
 DOMAIN,sub-store.vercel.app,PROXY
@@ -13,7 +14,7 @@ DOMAIN,sub-store.vercel.app,PROXY
 hostname=sub.store
 
 [Script]
-http-request ^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))) script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js, requires-body=true, timeout=120, tag=Sub-Store Core
-http-request ^https?:\/\/sub\.store script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js, requires-body=true, timeout=120, tag=Sub-Store Simple
+http-request ^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))) script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js, requires-body=true, timeout=120, tag=Sub-Store Core
+http-request ^https?:\/\/sub\.store script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js, requires-body=true, timeout=120, tag=Sub-Store Simple
 
-cron "0 0 * * *" script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js, tag=Sub-Store Sync
+cron "55 23 * * *" script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js, timeout=120, tag=Sub-Store Sync

config/QX-Task.json

@@ -1,7 +1,7 @@
 {
-    "name":"Sub-Store",
-    "description":"",
-    "task":[
-      "0 0 * * * https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js, tag=Sub-Store Sync, img-url=https://raw.githubusercontent.com/58xinian/icon/master/Sub-Store1.png"
-    ]
-}
+  "name": "Sub-Store",
+  "description": "定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'",
+  "task": [
+    "55 23 * * * https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js, tag=Sub-Store Sync, img-url=https://raw.githubusercontent.com/58xinian/icon/master/Sub-Store1.png"
+  ]
+}

config/QX.snippet

@@ -1,4 +1,4 @@
 hostname=sub.store
 
-^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))) url script-analyze-echo-response https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js
-^https?:\/\/sub\.store url script-analyze-echo-response https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js
+^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))) url script-analyze-echo-response https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js
+^https?:\/\/sub\.store url script-analyze-echo-response https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js

config/README.md

@@ -6,29 +6,57 @@ Sub-Store Releases: [`https://github.com/sub-store-org/Sub-Store/releases`](http
 
 Telegram 频道: [`https://t.me/cool_scripts` ](https://t.me/cool_scripts)
 
-## 脚本配置：
+## 服务器/云平台/Docker/Android 版
+
+https://xream.notion.site/Sub-Store-abe6a96944724dc6a36833d5c9ab7c87
+
+## App 版
 
 ### 1. Loon
 安装使用 插件 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Loon.plugin`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Loon.plugin) 即可。
 
 ### 2. Surge
-1. 官方默认版模块(目前不带 ability 参数, 不保证以后不会改动): [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule)
 
-2. 固定带 ability 参数版本,可能会爆内存, 如果需要使用指定节点功能 例如[加国旗脚本或者cname脚本] 请使用此带 ability 参数版本: [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule)
+#### 关于 Surge 的格外说明
 
-3. 固定不带 ability 参数版本： [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule)
+Surge Mac 版如何支持 SSR, 如何去除 HTTP 传输层以支持 类似 VMess HTTP 节点等 请查看 [链接参数说明](https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E)
+
+定时处理订阅 功能, 避免 App 内拉取超时, 请查看 [定时处理订阅](https://t.me/zhetengsha/1449)
+
+0. 最新 Surge iOS TestFlight 版本 可使用 Beta 版(支持最新 Surge iOS TestFlight 版本的特性): [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Beta.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Beta.sgmodule)
+
+1. 官方默认版模块(支持 App 内使用编辑参数): [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule)
+
+> 最新版 Surge 已删除 `ability: http-client-policy` 参数, 模块暂不做修改, 对测落地功能无影响
+
+2. 经典版, 不支持编辑参数, 固定带 ability 参数版本, 使用 jsc 引擎时, 可能会爆内存, 如果需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 请使用此带 ability 参数版本: [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule)
+
+3. 经典版, 不支持编辑参数, 固定不带 ability 参数版本： [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule)
 
 
 ### 3. QX
 订阅 重写 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/QX.snippet`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/QX.snippet) 即可。
 
+定时任务: [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/QX-Task.json`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/QX-Task.json)
+
 ### 4. Stash
 安装使用 覆写 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Stash.stoverride`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Stash.stoverride) 即可。
 
 ### 5. Shadowrocket
-安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule) 即可。
+安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule) 即可。
+
+### 6. Egern
+安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Egern.yaml`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Egern.yaml) 即可。
 
 ## 使用 Sub-Store
 1. 使用 Safari 打开这个 https://sub.store 如网页正常打开并且未弹出任何错误提示，说明 Sub-Store 已经配置成功。
 2. 可以把 Sub-Store 添加到主屏幕，即可获得类似于 APP 的使用体验。
 3. 更详细的使用指南请参考[文档](https://www.notion.so/Sub-Store-6259586994d34c11a4ced5c406264b46)。
+
+## 链接参数说明
+
+https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E
+
+## 脚本使用说明
+
+https://github.com/sub-store-org/Sub-Store/wiki/%E8%84%9A%E6%9C%AC%E4%BD%BF%E7%94%A8%E8%AF%B4%E6%98%8E

config/Stash.stoverride

@@ -1,5 +1,6 @@
 name: Sub-Store
-desc: 高级订阅管理工具 @Peng-YM
+desc: 高级订阅管理工具 @Peng-YM. 定时任务默认为每天  23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
+icon: https://raw.githubusercontent.com/cc63/ICON/main/Sub-Store.png
 
 http:
   mitm:
@@ -19,18 +20,18 @@ http:
 cron:
   script:
     - name: cron-sync-artifacts
-      cron: "0 0 * * *"
+      cron: "55 23 * * *"
       timeout: 120
 
 script-providers:
   sub-store-0:
-    url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js
+    url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js
     interval: 86400
 
   sub-store-1:
-    url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js
+    url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js
     interval: 86400
 
   cron-sync-artifacts:
-    url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
-    interval: 86400
+    url: https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js
+    interval: 86400

config/Surge-Beta.sgmodule

@@ -0,0 +1,17 @@
+#!name=Sub-Store(β)
+#!desc=支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *
+#!category=订阅管理
+#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto,produce:"# Sub-Store Produce",produce_cronexp:50 */6 * * *,produce_sub:"sub1,sub2",produce_col:"col1,col2"
+#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅
+
+[MITM]
+hostname = %APPEND% sub.store
+
+[Script]
+Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js,requires-body=true,timeout={{{timeout}}},ability="{{{ability}}}",engine={{{engine}}}
+
+Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js,requires-body=true,timeout={{{timeout}}},engine={{{engine}}}
+
+{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js,engine={{{engine}}}
+
+{{{produce}}}=type=cron,cronexp="{{{produce_cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js,engine={{{engine}}},argument="sub={{{produce_sub}}}&col={{{produce_col}}}"

config/Surge-Noability.sgmodule

@@ -1,12 +1,13 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具 @Peng-YM  无 ability 参数版本,不会爆内存, 如果需要使用指定节点功能 例如[加国旗脚本或者cname脚本] 可以用带 ability 参数
+#!desc=高级订阅管理工具 @Peng-YM  无 ability 参数版本,不会爆内存, 如果需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用带 ability 参数. 定时任务默认为每天  23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
+#!category=订阅管理
 
 [MITM]
 hostname = %APPEND% sub.store
 
 [Script]
-# 主程序 已经去掉 Sub-Store Core 的参数 [,ability=http-client-policy] 不会爆内存，这个参数在 Surge 非常占用内存； 如果不需要使用指定节点功能 例如[加国旗脚本或者cname脚本] 则可以使用此脚本
-Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js,requires-body=true,timeout=120
-Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js,requires-body=true
+# 主程序 已经去掉 Sub-Store Core 的参数 [,ability=http-client-policy] 不会爆内存，这个参数在 Surge 非常占用内存； 如果不需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 则可以使用此脚本
+Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js,requires-body=true,timeout=120
+Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js,requires-body=true,timeout=120
 
-Sub-Store Sync=type=cron,cronexp=0 0 * * *,wake-system=1,timeout=120,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
+Sub-Store Sync=type=cron,cronexp=55 23 * * *,wake-system=1,timeout=120,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js

config/Surge-ability.sgmodule

@@ -1,11 +1,12 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具 @Peng-YM  带 ability 参数版本, 可能会爆内存, 如果不需要使用指定节点功能 例如[加国旗脚本或者cname脚本] 可以用不带 ability 参数版本
+#!desc=高级订阅管理工具 @Peng-YM  带 ability 参数版本, 使用 jsc 引擎时, 可能会爆内存, 如果不需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用不带 ability 参数版本. 定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
+#!category=订阅管理
 
 [MITM]
 hostname = %APPEND% sub.store
 
 [Script]
-Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js,requires-body=true,timeout=120,ability=http-client-policy
-Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js,requires-body=true
+Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js,requires-body=true,timeout=120,ability=http-client-policy
+Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js,requires-body=true,timeout=120
 
-Sub-Store Sync=type=cron,cronexp=0 0 * * *,wake-system=1,timeout=120,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
+Sub-Store Sync=type=cron,cronexp=55 23 * * *,wake-system=1,timeout=120,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js

config/Surge.sgmodule

@@ -1,11 +1,17 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具 @Peng-YM  无 ability 参数版本,不会爆内存, 如果需要使用指定节点功能 例如[加国旗脚本或者cname脚本] 可以用带 ability 参数
+#!desc=支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *
+#!category=订阅管理
+#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto,produce:"# Sub-Store Produce",produce_cronexp:50 */6 * * *,produce_sub:"sub1,sub2",produce_col:"col1,col2"
+#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅
 
 [MITM]
 hostname = %APPEND% sub.store
 
 [Script]
-Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js,requires-body=true,timeout=120
-Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js,requires-body=true
+Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info))),script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-1.min.js,requires-body=true,timeout={{{timeout}}},ability="{{{ability}}}",engine={{{engine}}}
 
-Sub-Store Sync=type=cron,cronexp=0 0 * * *,wake-system=1,timeout=120,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
+Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/sub-store-0.min.js,requires-body=true,timeout={{{timeout}}},engine={{{engine}}}
+
+{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js,engine={{{engine}}}
+
+{{{produce}}}=type=cron,cronexp="{{{produce_cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://raw.githubusercontent.com/sub-store-org/Sub-Store/release/cron-sync-artifacts.min.js,engine={{{engine}}},argument="sub={{{produce_sub}}}&col={{{produce_col}}}"

scripts/demo.js

@@ -0,0 +1,247 @@
+function operator(proxies = [], targetPlatform, context) {
+  // 支持快捷操作 不一定要写一个 function
+  // 可参考 https://t.me/zhetengsha/970
+  // https://t.me/zhetengsha/1009
+
+  // proxies 为传入的内部节点数组
+  // 可在预览界面点击节点查看 JSON 结构 或查看 `target=JSON` 的通用订阅
+  // 0. 结构大致参考了 Clash.Meta(mihomo), 可参考 mihomo 的文档, 例如 `xudp`, `smux` 都可以自己设置. 但是有私货, 下面是我能想起来的一些私货
+  // 1. `_no-resolve` 为不解析域名
+  // 2. 域名解析后 会多一个 `_resolved` 字段, 表示是否解析成功
+  // 3. 域名解析后会有`_IPv4`, `_IPv6`, `_IP`(若有多个步骤, 只取第一次成功的 v4 或 v6 数据), `_IP4P`(若解析类型为 IPv6 且符合 IP4P 类型, 将自动转换), `_domain` 字段, `_resolved_ips` 为解析出的所有 IP
+  // 4. 节点字段 `exec` 为 `ssr-local` 路径, 默认 `/usr/local/bin/ssr-local`; 端口从 10000 开始递增(暂不支持配置)
+  // 5. `_subName` 为单条订阅名, `_subDisplayName` 为单条订阅显示名
+  // 6. `_collectionName` 为组合订阅名, `_collectionDisplayName` 为组合订阅显示名
+  // 7. `tls-fingerprint` 为 tls 指纹
+  // 8. `underlying-proxy` 为前置代理
+  // 9. `trojan`, `tuic`, `hysteria`, `hysteria2`, `juicity` 会在解析时设置 `tls`: true (会使用 tls 类协议的通用逻辑),  输出时删除
+  // 10. `sni` 在某些协议里会自动与 `servername` 转换
+  // 11. 读取节点的 ca-str 和 _ca (后端文件路径) 字段, 自动计算 fingerprint (参考 https://t.me/zhetengsha/1512)
+  // 12. 以 Surge 为例, 最新的参数一般我都会跟进, 以 Surge 文档为例, 一些常用的: TUIC/Hysteria 2 的 `ecn`, Snell 的 `reuse` 连接复用, QUIC 策略 block-quic`, Hysteria 2 下载带宽 `down`
+  // 13. `test-url` 为测延迟链接, `test-timeout` 为测延迟超时
+  // 14. `ports` 为端口跳跃, `hop-interval` 变换端口号的时间间隔
+  // 15. `ip-version` 设置节点使用 IP 版本，可选：dual，ipv4，ipv6，ipv4-prefer，ipv6-prefer. 会进行内部转换, 若无法匹配则使用原始值
+
+  // require 为 Node.js 的 require, 在 Node.js 运行环境下 可以用来引入模块
+
+  // $arguments 为传入的脚本参数
+
+  // $options 为通过链接传入的参数
+  // 例如: { arg1: 'a', arg2: 'b' }
+  // 可这样传:
+  // 先这样处理 encodeURIComponent(JSON.stringify({ arg1: 'a', arg2: 'b' }))
+  // /api/file/foo?$options=%7B%22arg1%22%3A%22a%22%2C%22arg2%22%3A%22b%22%7D
+  // 或这样传:
+  // 先这样处理 encodeURIComponent('arg1=a&arg2=b')
+  // /api/file/foo?$options=arg1%3Da%26arg2%3Db
+
+  // console.log($options)
+
+  // targetPlatform 为输出的目标平台
+
+  // lodash
+
+  // $substore 为 OpenAPI
+  // 参考 https://github.com/Peng-YM/QuanX/blob/master/Tools/OpenAPI/README.md
+
+  // scriptResourceCache 缓存
+  // 可参考 https://t.me/zhetengsha/1003
+  // const cache = scriptResourceCache
+  // cache.set(id, data)
+  // cache.get(id)
+
+  // ProxyUtils 为节点处理工具
+  // 可参考 https://t.me/zhetengsha/1066
+  // const ProxyUtils = {
+  //     parse, // 订阅解析
+  //     process, // 节点操作/文件操作
+  //     produce, // 输出订阅
+  //     getRandomPort, // 获取随机端口(参考 ports 端口跳跃的格式 443,8443,5000-6000)
+  //     ipAddress, // https://github.com/beaugunderson/ip-address
+  //     isIPv4,
+  //     isIPv6,
+  //     isIP,
+  //     yaml, // yaml 解析和生成
+  //     getFlag, // 获取 emoji 旗帜
+  //     removeFlag, // 移除 emoji 旗帜
+  //     getISO, // 获取 ISO 3166-1 alpha-2 代码
+  //     Gist, // Gist 类
+  //     download, // 内部的下载方法, 见 backend/src/utils/download.js
+  // }
+
+  // 如果只是为了快速修改或者筛选 可以参考 脚本操作支持节点快捷脚本 https://t.me/zhetengsha/970 和 脚本筛选支持节点快捷脚本 https://t.me/zhetengsha/1009
+  // ⚠️ 注意: 函数式(即本文件这样的 function operator() {}) 和快捷操作(下面使用 $server) 只能二选一
+  // 示例: 给节点名添加前缀
+  // $server.name = `[${ProxyUtils.getISO($server.name)}] ${$server.name}`
+  // 示例: 给节点名添加旗帜
+  // $server.name = `[${ProxyUtils.getFlag($server.name).replace(/🇹🇼/g, '🇼🇸')}] ${ProxyUtils.removeFlag($server.name)}`
+
+  // 示例: 从 sni 文件中读取内容并进行节点操作
+  // const sni = await produceArtifact({
+  //     type: 'file',
+  //     name: 'sni' // 文件名
+  // });
+  // $server.sni = sni
+
+  // 1. Surge 输出 WireGuard 完整配置
+
+  // let proxies = await produceArtifact({
+  //   type: 'subscription',
+  //   name: 'sub',
+  //   platform: 'Surge',
+  //   produceOpts: {
+  //     'include-unsupported-proxy': true,
+  //   }
+  // })
+  // $content = proxies
+
+  // 2. sing-box
+
+  // 但是一般不需要这样用, 可参考
+  // 1. https://t.me/zhetengsha/1111
+  // 2. https://t.me/zhetengsha/1070
+  // 3. https://t.me/zhetengsha/1241
+
+  // let singboxProxies = await produceArtifact({
+  //     type: 'subscription', // type: 'subscription' 或 'collection'
+  //     name: 'sub', // subscription name
+  //     platform: 'sing-box', // target platform
+  //     produceType: 'internal' // 'internal' produces an Array, otherwise produces a String( JSON.parse('JSON String') )
+  // })
+
+  // // JSON
+  // $content = JSON.stringify({}, null, 2)
+
+  // 3. clash.meta
+
+  // 但是一般不需要这样用, 可参考
+  // 1. https://t.me/zhetengsha/1111
+  // 2. https://t.me/zhetengsha/1070
+  // 3. https://t.me/zhetengsha/1234
+
+  // let clashMetaProxies = await produceArtifact({
+  //     type: 'subscription',
+  //     name: 'sub',
+  //     platform: 'ClashMeta',
+  //     produceType: 'internal' // 'internal' produces an Array, otherwise produces a String( ProxyUtils.yaml.safeLoad('YAML String').proxies )
+  // })
+
+  // 4. 一个比较折腾的方案: 在脚本操作中, 把内容同步到另一个 gist
+  // 见 https://t.me/zhetengsha/1428
+  //
+  // const content = ProxyUtils.produce([...proxies], platform)
+
+  // // YAML
+  // ProxyUtils.yaml.load('YAML String')
+  // ProxyUtils.yaml.safeLoad('YAML String')
+  // $content = ProxyUtils.yaml.safeDump({})
+  // $content = ProxyUtils.yaml.dump({})
+
+  // 一个往文件里插入本地节点的例子:
+  // const yaml = ProxyUtils.yaml.safeLoad($content ?? $files[0])
+  // let clashMetaProxies = await produceArtifact({
+  //     type: 'collection',
+  //     name: '机场',
+  //     platform: 'ClashMeta',
+  //     produceType: 'internal'
+  // })
+  // yaml.proxies.unshift(...clashMetaProxies)
+  // $content = ProxyUtils.yaml.dump(yaml)
+
+  // { $content, $files, $options } will be passed to the next operator
+  // $content is the final content of the file
+
+  // flowUtils 为机场订阅流量信息处理工具
+  // 可参考:
+  // 1. https://t.me/zhetengsha/948
+
+  // context 为传入的上下文
+  // 其中 source 为 订阅和组合订阅的数据, 有三种情况, 按需判断 (若只需要取订阅/组合订阅名称 直接用 `_subName` `_subDisplayName` `_collectionName` `_collectionDisplayName` 即可)
+
+  // 若存在 `source._collection` 且 `source._collection.subscriptions` 中的 key 在 `source` 上也存在, 说明输出结果为组合订阅, 但是脚本设置在单条订阅上
+
+  // 若存在 `source._collection` 但 `source._collection.subscriptions` 中的 key 在 `source` 上不存在, 说明输出结果为组合订阅, 脚本设置在组合订阅上
+
+  // 若不存在 `source._collection`, 说明输出结果为单条订阅, 脚本设置在此单条订阅上
+
+  // 1. 输出单条订阅 sub-1 时, 该单条订阅中的脚本上下文为:
+  // {
+  //   "source": {
+  //     "sub-1": {
+  //       "name": "sub-1",
+  //       "displayName": "",
+  //       "mergeSources": "",
+  //       "ignoreFailedRemoteSub": true,
+  //       "process": [],
+  //       "icon": "",
+  //       "source": "local",
+  //       "url": "",
+  //       "content": "",
+  //       "ua": "",
+  //       "display-name": "",
+  //       "useCacheForFailedRemoteSub": false
+  //     }
+  //   },
+  //   "backend": "Node",
+  //   "version": "2.14.198"
+  // }
+  // 2. 输出组合订阅 collection-1 时, 该组合订阅中的脚本上下文为:
+  // {
+  //   "source": {
+  //     "_collection": {
+  //       "name": "collection-1",
+  //       "displayName": "",
+  //       "mergeSources": "",
+  //       "ignoreFailedRemoteSub": false,
+  //       "icon": "",
+  //       "process": [],
+  //       "subscriptions": [
+  //         "sub-1"
+  //       ],
+  //       "display-name": ""
+  //     }
+  //   },
+  //   "backend": "Node",
+  //   "version": "2.14.198"
+  // }
+  // 3. 输出组合订阅 collection-1 时, 该组合订阅中的单条订阅 sub-1 中的某个脚本上下文为:
+  // {
+  //   "source": {
+  //     "sub-1": {
+  //       "name": "sub-1",
+  //       "displayName": "",
+  //       "mergeSources": "",
+  //       "ignoreFailedRemoteSub": true,
+  //       "icon": "",
+  //       "process": [],
+  //       "source": "local",
+  //       "url": "",
+  //       "content": "",
+  //       "ua": "",
+  //       "display-name": "",
+  //       "useCacheForFailedRemoteSub": false
+  //     },
+  //     "_collection": {
+  //       "name": "collection-1",
+  //       "displayName": "",
+  //       "mergeSources": "",
+  //       "ignoreFailedRemoteSub": false,
+  //       "icon": "",
+  //       "process": [],
+  //       "subscriptions": [
+  //         "sub-1"
+  //       ],
+  //       "display-name": ""
+  //     }
+  //   },
+  //   "backend": "Node",
+  //   "version": "2.14.198"
+  // }
+
+  // 参数说明
+  // 可参考 https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E
+
+  console.log(JSON.stringify(context, null, 2));
+
+  return proxies;
+}

scripts/fancy-characters.js

@@ -3,7 +3,7 @@
  *
  * 【字体】
  * 可参考：https://www.dute.org/weird-fonts
- * serif-bold, serif-italic, serif-bold-italic, sans-serif-regular, sans-serif-bold-italic, script-regular, script-bold, fraktur-regular, fraktur-bold, monospace-regular, double-struck-bold, circle-regular, square-regular
+ * serif-bold, serif-italic, serif-bold-italic, sans-serif-regular, sans-serif-bold-italic, script-regular, script-bold, fraktur-regular, fraktur-bold, monospace-regular, double-struck-bold, circle-regular, square-regular, modifier-letter(小写没有 q, 用 ᵠ 替代. 大写缺的太多, 用小写替代)
  *
  * 【示例】
  * 1️⃣ 设置所有格式为 "serif-bold"
@@ -31,6 +31,7 @@ function operator(proxies) {
         "double-struck-bold": ["𝟘","𝟙","𝟚","𝟛","𝟜","𝟝","𝟞","𝟟","𝟠","𝟡","𝕒","𝕓","𝕔","𝕕","𝕖","𝕗","𝕘","𝕙","𝕚","𝕛","𝕜","𝕝","𝕞","𝕟","𝕠","𝕡","𝕢","𝕣","𝕤","𝕥","𝕦","𝕧","𝕨","𝕩","𝕪","𝕫","𝔸","𝔹","ℂ","𝔻","𝔼","𝔽","𝔾","ℍ","𝕀","𝕁","𝕂","𝕃","𝕄","ℕ","𝕆","ℙ","ℚ","ℝ","𝕊","𝕋","𝕌","𝕍","𝕎","𝕏","𝕐","ℤ"],
         "circle-regular": ["⓪","①","②","③","④","⑤","⑥","⑦","⑧","⑨","ⓐ","ⓑ","ⓒ","ⓓ","ⓔ","ⓕ","ⓖ","ⓗ","ⓘ","ⓙ","ⓚ","ⓛ","ⓜ","ⓝ","ⓞ","ⓟ","ⓠ","ⓡ","ⓢ","ⓣ","ⓤ","ⓥ","ⓦ","ⓧ","ⓨ","ⓩ","Ⓐ","Ⓑ","Ⓒ","Ⓓ","Ⓔ","Ⓕ","Ⓖ","Ⓗ","Ⓘ","Ⓙ","Ⓚ","Ⓛ","Ⓜ","Ⓝ","Ⓞ","Ⓟ","Ⓠ","Ⓡ","Ⓢ","Ⓣ","Ⓤ","Ⓥ","Ⓦ","Ⓧ","Ⓨ","Ⓩ"],
         "square-regular": ["0","1","2","3","4","5","6","7","8","9","🄰","🄱","🄲","🄳","🄴","🄵","🄶","🄷","🄸","🄹","🄺","🄻","🄼","🄽","🄾","🄿","🅀","🅁","🅂","🅃","🅄","🅅","🅆","🅇","🅈","🅉","🄰","🄱","🄲","🄳","🄴","🄵","🄶","🄷","🄸","🄹","🄺","🄻","🄼","🄽","🄾","🄿","🅀","🅁","🅂","🅃","🅄","🅅","🅆","🅇","🅈","🅉"],
+        "modifier-letter": ["⁰", "¹", "²", "³", "⁴", "⁵", "⁶", "⁷", "⁸", "⁹", "ᵃ", "ᵇ", "ᶜ", "ᵈ", "ᵉ", "ᶠ", "ᵍ", "ʰ", "ⁱ", "ʲ", "ᵏ", "ˡ", "ᵐ", "ⁿ", "ᵒ", "ᵖ", "ᵠ", "ʳ", "ˢ", "ᵗ", "ᵘ", "ᵛ", "ʷ", "ˣ", "ʸ", "ᶻ", "ᴬ", "ᴮ", "ᶜ", "ᴰ", "ᴱ", "ᶠ", "ᴳ", "ʰ", "ᴵ", "ᴶ", "ᴷ", "ᴸ", "ᴹ", "ᴺ", "ᴼ", "ᴾ", "ᵠ", "ᴿ", "ˢ", "ᵀ", "ᵁ", "ᵛ", "ᵂ", "ˣ", "ʸ", "ᶻ"],
     };
 
     // charCode => index in `TABLE`

scripts/ip-flag-node.js

@@ -0,0 +1,79 @@
+const $ = $substore;
+
+const {onlyFlagIP = true} = $arguments
+
+async function operator(proxies) {
+    const BATCH_SIZE = 10;
+
+    let i = 0;
+    while (i < proxies.length) {
+        const batch = proxies.slice(i, i + BATCH_SIZE);
+        await Promise.all(batch.map(async proxy => {
+            if (onlyFlagIP && !ProxyUtils.isIP(proxy.server)) return;
+            try {
+                // remove the original flag
+                let proxyName = removeFlag(proxy.name);
+
+                // query ip-api
+                const countryCode = await queryIpApi(proxy);
+
+                proxyName = getFlagEmoji(countryCode) + ' ' + proxyName;
+                proxy.name = proxyName;
+            } catch (err) {
+                // TODO:
+            }
+        }));
+
+        await sleep(1000);
+        i += BATCH_SIZE;
+    }
+    return proxies;
+}
+
+
+async function queryIpApi(proxy) {
+    const ua = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:78.0) Gecko/20100101 Firefox/78.0";
+    const headers = {
+        "User-Agent": ua
+    };
+    const result = new Promise((resolve, reject) => {
+        const url =
+            `http://ip-api.com/json/${encodeURIComponent(proxy.server)}?lang=zh-CN`;
+        $.http.get({
+            url,
+            headers,
+        }).then(resp => {
+            const data = JSON.parse(resp.body);
+            if (data.status === "success") {
+                resolve(data.countryCode);
+            } else {
+                reject(new Error(data.message));
+            }
+        }).catch(err => {
+            console.log(err);
+            reject(err);
+        });
+    });
+    return result;
+}
+
+function getFlagEmoji(countryCode) {
+    const codePoints = countryCode
+        .toUpperCase()
+        .split('')
+        .map(char => 127397 + char.charCodeAt());
+    return String
+        .fromCodePoint(...codePoints)
+        .replace(/🇹🇼/g, '🇨🇳');
+}
+
+function removeFlag(str) {
+    return str
+        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]/g, '')
+        .trim();
+}
+
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+