feat: 脚本操作传入上下文 require (仅对应的环境支持)

Merge pull request #350 from egerndaddy/patch-1
添加 Egern 的模块支持
2025-08-10 00:52:40 +00:00 · 2024-08-31 18:48:47 +08:00 · 2024-08-29 13:34:08 +08:00 · 2024-08-29 13:26:27 +08:00 · 2024-08-29 13:09:59 +08:00 · 2024-08-29 12:30:49 +08:00
53 changed files with 1369 additions and 278 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -44,14 +44,20 @@ jobs:
          cd backend
          SUBSTORE_RELEASE=`node --eval="process.stdout.write(require('./package.json').version)"`
          echo "release_tag=$SUBSTORE_RELEASE" >> $GITHUB_OUTPUT
+      - name: Prepare release
+        run: |
+          cd backend
+          pnpm i -D conventional-changelog-cli
+          pnpm run changelog
      - name: Release
        uses: softprops/action-gh-release@v1
        if: ${{ success() }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
+          body_path: ./backend/CHANGELOG.md
          tag_name: ${{ steps.tag.outputs.release_tag }}
-          generate_release_notes: true
+          # generate_release_notes: true
          files: |
            ./backend/sub-store.min.js
            ./backend/dist/sub-store-0.min.js
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ Advanced Subscription Manager for QX, Loon, Surge, Stash and Shadowrocket.
 </p>

 [![Build](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml/badge.svg)](https://github.com/sub-store-org/Sub-Store/actions/workflows/main.yml) ![GitHub](https://img.shields.io/github/license/sub-store-org/Sub-Store) ![GitHub issues](https://img.shields.io/github/issues/sub-store-org/Sub-Store) ![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed-raw/Peng-Ym/Sub-Store) ![Lines of code](https://img.shields.io/tokei/lines/github/sub-store-org/Sub-Store) ![Size](https://img.shields.io/github/languages/code-size/sub-store-org/Sub-Store) 
-
+<a href="https://trendshift.io/repositories/4572" target="_blank"><img src="https://trendshift.io/api/badge/repositories/4572" alt="sub-store-org%2FSub-Store | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
 [!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/PengYM)
   
 Core functionalities:
@@ -35,7 +35,7 @@ Core functionalities:
 - [x] Surfboard (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard(Surfboard to Surfboard))
 - [x] Shadowrocket (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC)
 - [x] Clash.Meta (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC)
- [x] Stash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, TUIC)
+- [x] Stash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, TUIC, Juicity, SSH)
 - [x] Clash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard)

 ### Supported Target Platforms
--- a/backend/package.json
+++ b/backend/package.json
@@ -1,6 +1,6 @@
 {
  "name": "sub-store",
-  "version": "2.14.295",
+  "version": "2.14.366",
  "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.",
  "main": "src/main.js",
  "scripts": {
@@ -11,18 +11,24 @@
    "dev:esbuild": "nodemon -w src -w package.json dev-esbuild.js",
    "dev:run": "nodemon -w sub-store.min.js sub-store.min.js",
    "build": "gulp",
-    "bundle": "node bundle.js"
+    "bundle": "node bundle.js",
+    "changelog": "conventional-changelog -p cli -i CHANGELOG.md -s"
  },
  "author": "Peng-YM",
  "license": "GPL-3.0",
  "dependencies": {
+    "@maxmind/geoip2-node": "^5.0.0",
    "automerge": "1.0.1-preview.7",
    "body-parser": "^1.19.0",
+    "buffer": "^6.0.3",
    "connect-history-api-fallback": "^2.0.0",
    "cron": "^3.1.6",
+    "dns-packet": "^5.6.1",
    "express": "^4.17.1",
    "http-proxy-middleware": "^2.0.6",
+    "ip-address": "^9.0.5",
    "js-base64": "^3.7.2",
+    "jsrsasign": "^11.1.0",
    "lodash": "^4.17.21",
    "request": "^2.88.2",
    "requests": "^0.3.0",
--- a/backend/pnpm-lock.yaml
+++ b/backend/pnpm-lock.yaml
@@ -5,27 +5,42 @@ settings:
  excludeLinksFromLockfile: false

 dependencies:
+  '@maxmind/geoip2-node':
+    specifier: ^5.0.0
+    version: registry.npmmirror.com/@maxmind/geoip2-node@5.0.0
  automerge:
    specifier: 1.0.1-preview.7
    version: registry.npmmirror.com/automerge@1.0.1-preview.7
  body-parser:
    specifier: ^1.19.0
    version: registry.npmmirror.com/body-parser@1.19.0
+  buffer:
+    specifier: ^6.0.3
+    version: registry.npmmirror.com/buffer@6.0.3
  connect-history-api-fallback:
    specifier: ^2.0.0
    version: registry.npmmirror.com/connect-history-api-fallback@2.0.0
  cron:
    specifier: ^3.1.6
    version: registry.npmmirror.com/cron@3.1.6
+  dns-packet:
+    specifier: ^5.6.1
+    version: registry.npmmirror.com/dns-packet@5.6.1
  express:
    specifier: ^4.17.1
    version: registry.npmmirror.com/express@4.17.1
  http-proxy-middleware:
    specifier: ^2.0.6
    version: registry.npmmirror.com/http-proxy-middleware@2.0.6
+  ip-address:
+    specifier: ^9.0.5
+    version: registry.npmmirror.com/ip-address@9.0.5
  js-base64:
    specifier: ^3.7.2
    version: registry.npmmirror.com/js-base64@3.7.2
+  jsrsasign:
+    specifier: ^11.1.0
+    version: registry.npmmirror.com/jsrsasign@11.1.0
  lodash:
    specifier: ^4.17.21
    version: registry.npmmirror.com/lodash@4.17.21
@@ -1967,6 +1982,21 @@ packages:
      '@jridgewell/sourcemap-codec': registry.npmmirror.com/@jridgewell/sourcemap-codec@1.4.13
    dev: true

+  registry.npmmirror.com/@leichtgewicht/ip-codec@2.0.5:
+    resolution: {integrity: sha512-Vo+PSpZG2/fmgmiNzYK9qWRh8h/CHrwD0mo1h1DzL4yzHNSfWYujGTYsWGreD000gcgmZ7K4Ys6Tx9TxtsKdDw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.5.tgz}
+    name: '@leichtgewicht/ip-codec'
+    version: 2.0.5
+    dev: false
+
+  registry.npmmirror.com/@maxmind/geoip2-node@5.0.0:
+    resolution: {integrity: sha512-ki+q5//oU4tZ3BAhegZJcB5czoZyic5JSTEKbrUAQB/BzAoAiGyLW0immEmQvVVyy2SMlvBTJ3zqyRj8K9BbwQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@maxmind/geoip2-node/-/geoip2-node-5.0.0.tgz}
+    name: '@maxmind/geoip2-node'
+    version: 5.0.0
+    dependencies:
+      ip6addr: registry.npmmirror.com/ip6addr@0.2.5
+      maxmind: registry.npmmirror.com/maxmind@4.3.19
+    dev: false
+
  registry.npmmirror.com/@sindresorhus/is@0.14.0:
    resolution: {integrity: sha512-9NET910DNaIPngYnLLPeg+Ogzqsi9uM4mSboU5y6p8S5DzMTVEsJZrawi+BoDNUVBa2DhJqQYUFvMDfgU062LQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/@sindresorhus/is/-/is-0.14.0.tgz}
    name: '@sindresorhus/is'
@@ -2692,7 +2722,6 @@ packages:
    resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/base64-js/-/base64-js-1.5.1.tgz}
    name: base64-js
    version: 1.5.1
-    dev: true

  registry.npmmirror.com/base@0.11.2:
    resolution: {integrity: sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/base/-/base-0.11.2.tgz}
@@ -3063,6 +3092,15 @@ packages:
      ieee754: registry.npmmirror.com/ieee754@1.2.1
    dev: true

+  registry.npmmirror.com/buffer@6.0.3:
+    resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/buffer/-/buffer-6.0.3.tgz}
+    name: buffer
+    version: 6.0.3
+    dependencies:
+      base64-js: registry.npmmirror.com/base64-js@1.5.1
+      ieee754: registry.npmmirror.com/ieee754@1.2.1
+    dev: false
+
  registry.npmmirror.com/builtin-status-codes@3.0.0:
    resolution: {integrity: sha512-HpGFw18DgFWlncDfjTa2rcQ4W88O1mC8e8yZ2AvQY5KDaktSTwo+KRf6nHK6FRI5FyRyb/5T6+TSxfP7QyGsmQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz}
    name: builtin-status-codes
@@ -4032,6 +4070,15 @@ packages:
      randombytes: registry.npmmirror.com/randombytes@2.1.0
    dev: true

+  registry.npmmirror.com/dns-packet@5.6.1:
+    resolution: {integrity: sha512-l4gcSouhcgIKRvyy99RNVOgxXiicE+2jZoNmaNmZ6JXiGajBOJAesk1OBlJuM5k2c+eudGdLxDqXuPCKIj6kpw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/dns-packet/-/dns-packet-5.6.1.tgz}
+    name: dns-packet
+    version: 5.6.1
+    engines: {node: '>=6'}
+    dependencies:
+      '@leichtgewicht/ip-codec': registry.npmmirror.com/@leichtgewicht/ip-codec@2.0.5
+    dev: false
+
  registry.npmmirror.com/doctrine@3.0.0:
    resolution: {integrity: sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/doctrine/-/doctrine-3.0.0.tgz}
    name: doctrine
@@ -5859,7 +5906,6 @@ packages:
    resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ieee754/-/ieee754-1.2.1.tgz}
    name: ieee754
    version: 1.2.1
-    dev: true

  registry.npmmirror.com/ignore-by-default@1.0.1:
    resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz}
@@ -5988,6 +6034,25 @@ packages:
    engines: {node: '>=0.10.0'}
    dev: true

+  registry.npmmirror.com/ip-address@9.0.5:
+    resolution: {integrity: sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ip-address/-/ip-address-9.0.5.tgz}
+    name: ip-address
+    version: 9.0.5
+    engines: {node: '>= 12'}
+    dependencies:
+      jsbn: registry.npmmirror.com/jsbn@1.1.0
+      sprintf-js: registry.npmmirror.com/sprintf-js@1.1.3
+    dev: false
+
+  registry.npmmirror.com/ip6addr@0.2.5:
+    resolution: {integrity: sha512-9RGGSB6Zc9Ox5DpDGFnJdIeF0AsqXzdH+FspCfPPaU/L/4tI6P+5lIoFUFm9JXs9IrJv1boqAaNCQmoDADTSKQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ip6addr/-/ip6addr-0.2.5.tgz}
+    name: ip6addr
+    version: 0.2.5
+    dependencies:
+      assert-plus: registry.npmmirror.com/assert-plus@1.0.0
+      jsprim: registry.npmmirror.com/jsprim@2.0.2
+    dev: false
+
  registry.npmmirror.com/ipaddr.js@1.9.1:
    resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/ipaddr.js/-/ipaddr.js-1.9.1.tgz}
    name: ipaddr.js
@@ -6524,6 +6589,12 @@ packages:
    version: 0.1.1
    dev: false

+  registry.npmmirror.com/jsbn@1.1.0:
+    resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsbn/-/jsbn-1.1.0.tgz}
+    name: jsbn
+    version: 1.1.0
+    dev: false
+
  registry.npmmirror.com/jsesc@0.5.0:
    resolution: {integrity: sha512-uZz5UnB7u4T9LvwmFqXii7pZSouaRPorGs5who1Ip7VO0wxanFvBL7GkM6dTHlgX+jhBApRetaWpnDabOeTcnA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsesc/-/jsesc-0.5.0.tgz}
    name: jsesc
@@ -6556,6 +6627,12 @@ packages:
    version: 0.2.3
    dev: false

+  registry.npmmirror.com/json-schema@0.4.0:
+    resolution: {integrity: sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/json-schema/-/json-schema-0.4.0.tgz}
+    name: json-schema
+    version: 0.4.0
+    dev: false
+
  registry.npmmirror.com/json-stable-stringify-without-jsonify@1.0.1:
    resolution: {integrity: sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz}
    name: json-stable-stringify-without-jsonify
@@ -6595,6 +6672,24 @@ packages:
      verror: registry.npmmirror.com/verror@1.10.0
    dev: false

+  registry.npmmirror.com/jsprim@2.0.2:
+    resolution: {integrity: sha512-gqXddjPqQ6G40VdnI6T6yObEC+pDNvyP95wdQhkWkg7crHH3km5qP1FsOXEkzEQwnz6gz5qGTn1c2Y52wP3OyQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsprim/-/jsprim-2.0.2.tgz}
+    name: jsprim
+    version: 2.0.2
+    engines: {'0': node >=0.6.0}
+    dependencies:
+      assert-plus: registry.npmmirror.com/assert-plus@1.0.0
+      extsprintf: registry.npmmirror.com/extsprintf@1.3.0
+      json-schema: registry.npmmirror.com/json-schema@0.4.0
+      verror: registry.npmmirror.com/verror@1.10.0
+    dev: false
+
+  registry.npmmirror.com/jsrsasign@11.1.0:
+    resolution: {integrity: sha512-Ov74K9GihaK9/9WncTe1mPmvrO7Py665TUfUKvraXBpu+xcTWitrtuOwcjf4KMU9maPaYn0OuaWy0HOzy/GBXg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsrsasign/-/jsrsasign-11.1.0.tgz}
+    name: jsrsasign
+    version: 11.1.0
+    dev: false
+
  registry.npmmirror.com/just-debounce@1.1.0:
    resolution: {integrity: sha512-qpcRocdkUmf+UTNBYx5w6dexX5J31AKK1OmPwH630a83DdVVUIngk55RSAiIGpQyoH0dlr872VHfPjnQnK1qDQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/just-debounce/-/just-debounce-1.1.0.tgz}
    name: just-debounce
@@ -6943,6 +7038,16 @@ packages:
      - supports-color
    dev: true

+  registry.npmmirror.com/maxmind@4.3.19:
+    resolution: {integrity: sha512-Bu/VEN7ZWAOCjifdZaXJQuN6/yO7+OK35pnJsqmz8sOndK3KQFvJoY+6HX09/MmLLqtCfa+sMK0iaQOaTejGNA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/maxmind/-/maxmind-4.3.19.tgz}
+    name: maxmind
+    version: 4.3.19
+    engines: {node: '>=12', npm: '>=6'}
+    dependencies:
+      mmdb-lib: registry.npmmirror.com/mmdb-lib@2.1.0
+      tiny-lru: registry.npmmirror.com/tiny-lru@11.2.6
+    dev: false
+
  registry.npmmirror.com/md5.js@1.3.5:
    resolution: {integrity: sha512-xitP+WxNPcTTOgnTJcrhM0xvdPepipPSf3I8EIpGKeFLjt3PlJLIDG3u8EX53ZIubkb+5U2+3rELYpEhHhzdkg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/md5.js/-/md5.js-1.3.5.tgz}
    name: md5.js
@@ -7132,6 +7237,13 @@ packages:
    version: 0.5.3
    dev: true

+  registry.npmmirror.com/mmdb-lib@2.1.0:
+    resolution: {integrity: sha512-tdDTZmnI5G4UoSctv2KxM/3VQt2XRj4CmR5R4VsAWsOUcS3LysHR34wtixWm/pXxXdkBDuN92auxkC0T2+qd1Q==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/mmdb-lib/-/mmdb-lib-2.1.0.tgz}
+    name: mmdb-lib
+    version: 2.1.0
+    engines: {node: '>=10', npm: '>=6'}
+    dev: false
+
  registry.npmmirror.com/mocha@10.0.0:
    resolution: {integrity: sha512-0Wl+elVUD43Y0BqPZBzZt8Tnkw9CMUdNYnUsTfOM1vuhJVZL+kiesFYsqwBkEEuEixaiPe5ZQdqDgX2jddhmoA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/mocha/-/mocha-10.0.0.tgz}
    name: mocha
@@ -9002,6 +9114,12 @@ packages:
    version: 1.0.3
    dev: false

+  registry.npmmirror.com/sprintf-js@1.1.3:
+    resolution: {integrity: sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/sprintf-js/-/sprintf-js-1.1.3.tgz}
+    name: sprintf-js
+    version: 1.1.3
+    dev: false
+
  registry.npmmirror.com/sshpk@1.16.1:
    resolution: {integrity: sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/sshpk/-/sshpk-1.16.1.tgz}
    name: sshpk
@@ -9424,6 +9542,13 @@ packages:
      process: registry.npmmirror.com/process@0.11.10
    dev: true

+  registry.npmmirror.com/tiny-lru@11.2.6:
+    resolution: {integrity: sha512-0PU3c9PjMnltZaFo2sGYv/nnJsMjG0Cxx8X6FXHPPGjFyoo1SJDxvUXW1207rdiSxYizf31roo+GrkIByQeZoA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/tiny-lru/-/tiny-lru-11.2.6.tgz}
+    name: tiny-lru
+    version: 11.2.6
+    engines: {node: '>=12'}
+    dev: false
+
  registry.npmmirror.com/tinyify@3.0.0:
    resolution: {integrity: sha512-RtjVjC1xwwxt8AMVfxEmo+FzRJB6p5sAOtFaJj8vMrkWShtArsM4dLVRWhx2Vc07Me3NWgmP7pi9UPm/a2XNNA==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/tinyify/-/tinyify-3.0.0.tgz}
    name: tinyify
--- a/backend/src/core/proxy-utils/index.js
+++ b/backend/src/core/proxy-utils/index.js
@@ -1,3 +1,5 @@
+import { Buffer } from 'buffer';
+import rs from '@/utils/rs';
 import YAML from '@/utils/yaml';
 import download from '@/utils/download';
 import {
@@ -5,7 +7,8 @@ import {
    isIPv6,
    isValidPortNumber,
    isNotBlank,
-    utf8ArrayToStr,
+    ipAddress,
+    getRandomPort,
 } from '@/utils';
 import PROXY_PROCESSORS, { ApplyProcessor } from './processors';
 import PROXY_PREPROCESSORS from './preprocessors';
@@ -15,7 +18,8 @@ import $ from '@/core/app';
 import { FILES_KEY, MODULES_KEY } from '@/constants';
 import { findByName } from '@/utils/database';
 import { produceArtifact } from '@/restful/sync';
-import { getFlag, getISO } from '@/utils/geo';
+import { getFlag, removeFlag, getISO, MMDB } from '@/utils/geo';
+import Gist from '@/utils/gist';

 function preprocess(raw) {
    for (const processor of PROXY_PREPROCESSORS) {
@@ -82,7 +86,7 @@ async function processFn(proxies, operators = [], targetPlatform, source) {
            const { mode, content } = item.args;
            if (mode === 'link') {
                let noCache;
-                let url = content;
+                let url = content || '';
                if (url.endsWith('#noCache')) {
                    url = url.replace(/#noCache$/, '');
                    noCache = true;
@@ -198,6 +202,10 @@ function produce(proxies, targetPlatform, type, opts = {}) {
    );

    proxies = proxies.map((proxy) => {
+        proxy._subName = proxy.subName;
+        proxy._collectionName = proxy.collectionName;
+        proxy._resolved = proxy.resolved;
+
        if (!isNotBlank(proxy.name)) {
            proxy.name = `${proxy.type} ${proxy.server}:${proxy.port}`;
        }
@@ -213,13 +221,24 @@ function produce(proxies, targetPlatform, type, opts = {}) {
                delete proxy['tls-fingerprint'];
            }
        }
+
+        // 处理 端口跳跃
+        if (proxy.ports) {
+            if (!['ClashMeta'].includes(targetPlatform)) {
+                proxy.ports = proxy.ports.replace(/\//g, ',');
+            }
+            if (!proxy.port) {
+                proxy.port = getRandomPort(proxy.ports);
+            }
+        }
+
        return proxy;
    });

    $.log(`Producing proxies for target: ${targetPlatform}`);
    if (typeof producer.type === 'undefined' || producer.type === 'SINGLE') {
        let localPort = 10000;
-        const list = proxies
+        let list = proxies
            .map((proxy) => {
                try {
                    let line = producer.produce(proxy, type, opts);
@@ -245,7 +264,18 @@ function produce(proxies, targetPlatform, type, opts = {}) {
                }
            })
            .filter((line) => line.length > 0);
-        return type === 'internal' ? list : list.join('\n');
+        list = type === 'internal' ? list : list.join('\n');
+        if (
+            targetPlatform.startsWith('Surge') &&
+            proxies.length > 0 &&
+            proxies.every((p) => p.type === 'wireguard')
+        ) {
+            list = `#!name=${proxies[0]?.subName}
+#!desc=${proxies[0]?._desc ?? ''}
+#!category=${proxies[0]?._category ?? ''}
+${list}`;
+        }
+        return list;
    } else if (producer.type === 'ALL') {
        return producer.produce(proxies, type, opts);
    }
@@ -255,12 +285,17 @@ export const ProxyUtils = {
    parse,
    process: processFn,
    produce,
+    ipAddress,
+    getRandomPort,
    isIPv4,
    isIPv6,
    isIP,
    yaml: YAML,
    getFlag,
+    removeFlag,
    getISO,
+    MMDB,
+    Gist,
 };

 function tryParse(parser, line) {
@@ -319,7 +354,11 @@ function lastParse(proxy) {
            proxy.network = 'tcp';
        }
    }
-    if (['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(proxy.type)) {
+    if (
+        ['trojan', 'tuic', 'hysteria', 'hysteria2', 'juicity'].includes(
+            proxy.type,
+        )
+    ) {
        proxy.tls = true;
    }
    if (proxy.network) {
@@ -388,7 +427,30 @@ function lastParse(proxy) {
    if (['hysteria', 'hysteria2'].includes(proxy.type) && !proxy.ports) {
        delete proxy.ports;
    }
+    if (
+        ['hysteria2'].includes(proxy.type) &&
+        proxy.obfs &&
+        !['salamander'].includes(proxy.obfs) &&
+        !proxy['obfs-password']
+    ) {
+        proxy['obfs-password'] = proxy.obfs;
+        proxy.obfs = 'salamander';
+    }
    if (['vless'].includes(proxy.type)) {
+        // 删除 reality-opts: {}
+        if (
+            proxy['reality-opts'] &&
+            Object.keys(proxy['reality-opts']).length === 0
+        ) {
+            delete proxy['reality-opts'];
+        }
+        // 删除 grpc-opts: {}
+        if (
+            proxy['grpc-opts'] &&
+            Object.keys(proxy['grpc-opts']).length === 0
+        ) {
+            delete proxy['grpc-opts'];
+        }
        // 非 reality, 空 flow 没有意义
        if (!proxy['reality-opts'] && !proxy.flow) {
            delete proxy.flow;
@@ -403,6 +465,7 @@ function lastParse(proxy) {
            }
        }
    }
+
    if (typeof proxy.name !== 'string') {
        if (/^\d+$/.test(proxy.name)) {
            proxy.name = `${proxy.name}`;
@@ -411,7 +474,7 @@ function lastParse(proxy) {
                if (proxy.name?.data) {
                    proxy.name = Buffer.from(proxy.name.data).toString('utf8');
                } else {
-                    proxy.name = utf8ArrayToStr(proxy.name);
+                    proxy.name = Buffer.from(proxy.name).toString('utf8');
                }
            } catch (e) {
                $.error(`proxy.name decode failed\nReason: ${e}`);
@@ -419,9 +482,46 @@ function lastParse(proxy) {
            }
        }
    }
+    if (['ws', 'http', 'h2'].includes(proxy.network)) {
+        if (
+            ['ws', 'h2'].includes(proxy.network) &&
+            !proxy[`${proxy.network}-opts`]?.path
+        ) {
+            proxy[`${proxy.network}-opts`] =
+                proxy[`${proxy.network}-opts`] || {};
+            proxy[`${proxy.network}-opts`].path = '/';
+        } else if (
+            proxy.network === 'http' &&
+            (!Array.isArray(proxy[`${proxy.network}-opts`]?.path) ||
+                proxy[`${proxy.network}-opts`]?.path.every((i) => !i))
+        ) {
+            proxy[`${proxy.network}-opts`] =
+                proxy[`${proxy.network}-opts`] || {};
+            proxy[`${proxy.network}-opts`].path = ['/'];
+        }
+    }
    if (['', 'off'].includes(proxy.sni)) {
        proxy['disable-sni'] = true;
    }
+    let caStr = proxy['ca_str'];
+    if (proxy['ca-str']) {
+        caStr = proxy['ca-str'];
+    } else if (caStr) {
+        delete proxy['ca_str'];
+        proxy['ca-str'] = caStr;
+    }
+    try {
+        if ($.env.isNode && !caStr && proxy['_ca']) {
+            caStr = $.node.fs.readFileSync(proxy['_ca'], {
+                encoding: 'utf8',
+            });
+        }
+    } catch (e) {
+        $.error(`Read ca file failed\nReason: ${e}`);
+    }
+    if (!proxy['tls-fingerprint'] && caStr) {
+        proxy['tls-fingerprint'] = rs.generateFingerprint(caStr);
+    }
    return proxy;
 }

--- a/backend/src/core/proxy-utils/parsers/index.js
+++ b/backend/src/core/proxy-utils/parsers/index.js
@@ -16,6 +16,7 @@ import { Base64 } from 'js-base64';
 // Parse SS URI format (only supports new SIP002, legacy format is depreciated).
 // reference: https://github.com/shadowsocks/shadowsocks-org/wiki/SIP002-URI-Scheme
 function URI_SS() {
+    // TODO: 暂不支持 httpupgrade
    const name = 'URI SS Parser';
    const test = (line) => {
        return /^ss:\/\//.test(line);
@@ -157,7 +158,7 @@ function URI_SSR() {
            for (const item of line) {
                let [key, val] = item.split('=');
                val = val.trim();
-                if (val.length > 0) {
+                if (val.length > 0 && val !== '(null)') {
                    other_params[key] = val;
                }
            }
@@ -295,20 +296,35 @@ function URI_VMess() {
                    ? !params.verify_cert
                    : undefined,
            };
+            if (!proxy['skip-cert-verify'] && isPresent(params.allowInsecure)) {
+                proxy['skip-cert-verify'] = /(TRUE)|1/i.test(
+                    params.allowInsecure,
+                );
+            }
            // https://github.com/2dust/v2rayN/wiki/%E5%88%86%E4%BA%AB%E9%93%BE%E6%8E%A5%E6%A0%BC%E5%BC%8F%E8%AF%B4%E6%98%8E(ver-2)
            if (proxy.tls && proxy.sni) {
                proxy.sni = params.sni;
            }
+            let httpupgrade = false;
            // handle obfs
            if (params.net === 'ws' || params.obfs === 'websocket') {
                proxy.network = 'ws';
            } else if (
-                ['tcp', 'http'].includes(params.net) ||
-                params.obfs === 'http'
+                ['http'].includes(params.net) ||
+                ['http'].includes(params.obfs) ||
+                ['http'].includes(params.type)
            ) {
                proxy.network = 'http';
            } else if (['grpc'].includes(params.net)) {
                proxy.network = 'grpc';
+            } else if (
+                params.net === 'httpupgrade' ||
+                proxy.network === 'httpupgrade'
+            ) {
+                proxy.network = 'ws';
+                httpupgrade = true;
+            } else if (params.net === 'h2' || proxy.network === 'h2') {
+                proxy.network = 'h2';
            }
            if (proxy.network) {
                let transportHost = params.host ?? params.obfsParam;
@@ -324,6 +340,10 @@ function URI_VMess() {

                if (proxy.network === 'http') {
                    if (transportHost) {
+                        // 1)http(tcp)->host中间逗号(,)隔开
+                        transportHost = transportHost
+                            .split(',')
+                            .map((i) => i.trim());
                        transportHost = Array.isArray(transportHost)
                            ? transportHost[0]
                            : transportHost;
@@ -332,8 +352,11 @@ function URI_VMess() {
                        transportPath = Array.isArray(transportPath)
                            ? transportPath[0]
                            : transportPath;
+                    } else {
+                        transportPath = '/';
                    }
                }
+                // 传输层应该有配置, 暂时不考虑兼容不给配置的节点
                if (transportPath || transportHost) {
                    if (['grpc'].includes(proxy.network)) {
                        proxy[`${proxy.network}-opts`] = {
@@ -341,10 +364,15 @@ function URI_VMess() {
                            '_grpc-type': getIfNotBlank(params.type),
                        };
                    } else {
-                        proxy[`${proxy.network}-opts`] = {
+                        const opts = {
                            path: getIfNotBlank(transportPath),
                            headers: { Host: getIfNotBlank(transportHost) },
                        };
+                        if (httpupgrade) {
+                            opts['v2ray-http-upgrade'] = true;
+                            opts['v2ray-http-upgrade-fast-open'] = true;
+                        }
+                        proxy[`${proxy.network}-opts`] = opts;
                    }
                } else {
                    delete proxy.network;
@@ -444,10 +472,13 @@ function URI_VLESS() {
                proxy[`${params.security}-opts`] = opts;
            }
        }
-
+        let httpupgrade = false;
        proxy.network = params.type;
        if (proxy.network === 'tcp' && params.headerType === 'http') {
            proxy.network = 'http';
+        } else if (proxy.network === 'httpupgrade') {
+            proxy.network = 'ws';
+            httpupgrade = true;
        }
        if (!proxy.network && isShadowrocket && params.obfs) {
            proxy.network = params.obfs;
@@ -485,6 +516,10 @@ function URI_VLESS() {
            if (['grpc'].includes(proxy.network)) {
                opts['_grpc-type'] = params.mode || 'gun';
            }
+            if (httpupgrade) {
+                opts['v2ray-http-upgrade'] = true;
+                opts['v2ray-http-upgrade-fast-open'] = true;
+            }
            if (Object.keys(opts).length > 0) {
                proxy[`${proxy.network}-opts`] = opts;
            }
@@ -831,6 +866,9 @@ function Clash_All() {
            }
        }

+        if (proxy['server-cert-fingerprint']) {
+            proxy['tls-fingerprint'] = proxy['server-cert-fingerprint'];
+        }
        if (proxy.fingerprint) {
            proxy['tls-fingerprint'] = proxy.fingerprint;
        }
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.js
@@ -54,31 +54,31 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
        $set(proxy, "plugin-opts.path", obfs.path);
    }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "vless";
    handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "trojan";
    handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/udp_relay/fast_open/download_bandwidth/ecn/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/others)* {
    proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/fast_open/udp_relay/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "http";
    proxy.tls = true;
 }
 http = tag equals "http"i address (username password)? (fast_open/udp_relay/others)* {
    proxy.type = "http";
 }
-socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "socks5";
 }

@@ -172,12 +172,16 @@ vmess_alterId = comma "alterId" equals alterId:$[0-9]+ { proxy.alterId = parseIn
 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
 tls_host = comma sni:("tls-name"/"sni") equals host:domain { proxy.sni = host; }
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
+tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }

 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }

 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
+salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }
+

 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.peg
@@ -52,31 +52,31 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
        $set(proxy, "plugin-opts.path", obfs.path);
    }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "vless";
    handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "trojan";
    handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/udp_relay/fast_open/download_bandwidth/ecn/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/others)* {
    proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/fast_open/udp_relay/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "http";
    proxy.tls = true;
 }
 http = tag equals "http"i address (username password)? (fast_open/udp_relay/others)* {
    proxy.type = "http";
 }
-socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/fast_open/udp_relay/others)* {
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/others)* {
    proxy.type = "socks5";
 }

@@ -170,12 +170,15 @@ vmess_alterId = comma "alterId" equals alterId:$[0-9]+ { proxy.alterId = parseIn
 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
 tls_host = comma sni:("tls-name"/"sni") equals host:domain { proxy.sni = host; }
 tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-verify"] = flag; }
+tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }

 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }

 ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
+salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }

 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.js
@@ -50,8 +50,11 @@ trojan = "trojan" equals address

 shadowsocks = "shadowsocks" equals address
    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
-    if (proxy.protocol) {
+    if (proxy.protocol || proxy.type === "ssr") {
        proxy.type = "ssr";
+        if (!proxy.protocol) {
+            proxy.protocol = "origin";
+        }
        // handle ssr obfs
        if (obfs.host) proxy["obfs-param"] = obfs.host;
        if (obfs.type) proxy.obfs = obfs.type;
@@ -172,7 +175,7 @@ tls_no_session_reuse = comma "tls-no-session-reuse" equals flag:bool {
 }

 obfs_ss = comma "obfs" equals type:("http"/"tls"/"wss"/"ws"/"over-tls") { obfs.type = type; return type; }
-obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { obfs.type = type; return type; }
+obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { proxy.type = "ssr"; obfs.type = type; return type; }
 obfs = comma "obfs" equals type:("wss"/"ws"/"over-tls"/"http") { obfs.type = type; return type; };

 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; }
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.peg
@@ -48,8 +48,11 @@ trojan = "trojan" equals address

 shadowsocks = "shadowsocks" equals address
    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
-    if (proxy.protocol) {
+    if (proxy.protocol || proxy.type === "ssr") {
        proxy.type = "ssr";
+        if (!proxy.protocol) {
+            proxy.protocol = "origin";
+        }
        // handle ssr obfs
        if (obfs.host) proxy["obfs-param"] = obfs.host;
        if (obfs.type) proxy.obfs = obfs.type;
@@ -170,7 +173,7 @@ tls_no_session_reuse = comma "tls-no-session-reuse" equals flag:bool {
 }

 obfs_ss = comma "obfs" equals type:("http"/"tls"/"wss"/"ws"/"over-tls") { obfs.type = type; return type; }
-obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { obfs.type = type; return type; }
+obfs_ssr = comma "obfs" equals type:("plain"/"http_simple"/"http_post"/"random_head"/"tls1.2_ticket_auth"/"tls1.2_ticket_fastauth") { proxy.type = "ssr"; obfs.type = type; return type; }
 obfs = comma "obfs" equals type:("wss"/"ws"/"over-tls"/"http") { obfs.type = type; return type; };

 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; }
--- a/backend/src/core/proxy-utils/parsers/peggy/trojan-uri.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/trojan-uri.js
@@ -89,7 +89,12 @@ params = "?" head:param tail:("&"@param)* {
  }
  
  if (params["type"]) {
+    let httpupgrade
    proxy.network = params["type"]
+    if(proxy.network === 'httpupgrade') {
+      proxy.network = 'ws'
+      httpupgrade = true
+    }
    if (['grpc'].includes(proxy.network)) {
        proxy[proxy.network + '-opts'] = {
            'grpc-service-name': params["serviceName"],
@@ -102,6 +107,10 @@ params = "?" head:param tail:("&"@param)* {
      if (params["host"]) {
        $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
      }
+      if (httpupgrade) {
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade", true); 
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade-fast-open", true); 
+      }
    }
  }

--- a/backend/src/core/proxy-utils/parsers/peggy/trojan-uri.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/trojan-uri.peg
@@ -87,7 +87,12 @@ params = "?" head:param tail:("&"@param)* {
  }
  
  if (params["type"]) {
+    let httpupgrade
    proxy.network = params["type"]
+    if(proxy.network === 'httpupgrade') {
+      proxy.network = 'ws'
+      httpupgrade = true
+    }
    if (['grpc'].includes(proxy.network)) {
        proxy[proxy.network + '-opts'] = {
            'grpc-service-name': params["serviceName"],
@@ -100,6 +105,10 @@ params = "?" head:param tail:("&"@param)* {
      if (params["host"]) {
        $set(proxy, proxy.network+"-opts.headers.Host", decodeURIComponent(params["host"])); 
      }
+      if (httpupgrade) {
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade", true); 
+        $set(proxy, proxy.network+"-opts.v2ray-http-upgrade-fast-open", true); 
+      }
    }
  }

--- a/backend/src/core/proxy-utils/preprocessors/index.js
+++ b/backend/src/core/proxy-utils/preprocessors/index.js
@@ -22,6 +22,7 @@ function Base64Encoded() {
        'aHR0c', // htt
        'dmxlc3M=', // vless
        'aHlzdGVyaWEy', // hysteria2
+        'aHkyOi8v', // hy2://
        'd2lyZWd1YXJkOi8v', // wireguard://
        'd2c6Ly8=', // wg://
        'dHVpYzovLw==', // tuic://
--- a/backend/src/core/proxy-utils/processors/index.js
+++ b/backend/src/core/proxy-utils/processors/index.js
@@ -1,13 +1,15 @@
 import resourceCache from '@/utils/resource-cache';
 import scriptResourceCache from '@/utils/script-resource-cache';
-import { isIPv4, isIPv6 } from '@/utils';
+import { isIPv4, isIPv6, ipAddress } from '@/utils';
 import { FULL } from '@/utils/logical';
-import { getFlag } from '@/utils/geo';
+import { getFlag, removeFlag } from '@/utils/geo';
+import { doh } from '@/utils/dns';
 import lodash from 'lodash';
 import $ from '@/core/app';
 import { hex_md5 } from '@/vendor/md5';
 import { ProxyUtils } from '@/core/proxy-utils';
 import { produceArtifact } from '@/restful/sync';
+import { SETTINGS_KEY } from '@/constants';

 import env from '@/utils/env';
 import {
@@ -362,9 +364,6 @@ function parseIP4P(IP4P) {
    let server;
    let port;
    try {
-        if (!/^2001::[^:]+:[^:]+:[^:]+$/.test(IP4P)) {
-            throw new Error(`Invalid IP4P: ${IP4P}`);
-        }
        let array = IP4P.split(':');

        port = parseInt(array[2], 16);
@@ -389,31 +388,64 @@ function parseIP4P(IP4P) {
 }

 const DOMAIN_RESOLVERS = {
-    Google: async function (domain, type, noCache) {
+    Custom: async function (domain, type, noCache, timeout, edns, url) {
+        const id = hex_md5(`CUSTOM:${url}:${domain}:${type}`);
+        const cached = resourceCache.get(id);
+        if (!noCache && cached) return cached;
+        const answerType = type === 'IPv6' ? 'AAAA' : 'A';
+        const res = await doh({
+            url,
+            domain,
+            type: answerType,
+            timeout,
+            edns,
+        });
+
+        const { answers } = res;
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers
+            .filter((i) => i?.type === answerType)
+            .map((i) => i?.data)
+            .filter((i) => i);
+        if (result.length === 0) {
+            throw new Error('No answers');
+        }
+        resourceCache.set(id, result);
+        return result;
+    },
+    Google: async function (domain, type, noCache, timeout, edns) {
        const id = hex_md5(`GOOGLE:${domain}:${type}`);
        const cached = resourceCache.get(id);
        if (!noCache && cached) return cached;
        const resp = await $.http.get({
            url: `https://8.8.4.4/resolve?name=${encodeURIComponent(
                domain,
-            )}&type=${type === 'IPv6' ? 'AAAA' : 'A'}`,
+            )}&type=${
+                type === 'IPv6' ? 'AAAA' : 'A'
+            }&edns_client_subnet=${edns}`,
            headers: {
                accept: 'application/dns-json',
            },
+            timeout,
        });
        const body = JSON.parse(resp.body);
        if (body['Status'] !== 0) {
            throw new Error(`Status is ${body['Status']}`);
        }
        const answers = body['Answer'];
-        if (answers.length === 0) {
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers.map((i) => i?.data).filter((i) => i);
+        if (result.length === 0) {
            throw new Error('No answers');
        }
-        const result = answers[answers.length - 1].data;
        resourceCache.set(id, result);
        return result;
    },
-    'IP-API': async function (domain, type, noCache) {
+    'IP-API': async function (domain, type, noCache, timeout) {
        if (['IPv6'].includes(type)) {
            throw new Error(`域名解析服务提供方 IP-API 不支持 ${type}`);
        }
@@ -424,16 +456,23 @@ const DOMAIN_RESOLVERS = {
            url: `http://ip-api.com/json/${encodeURIComponent(
                domain,
            )}?lang=zh-CN`,
+            timeout,
        });
        const body = JSON.parse(resp.body);
        if (body['status'] !== 'success') {
            throw new Error(`Status is ${body['status']}`);
        }
-        const result = body.query;
+        if (!body.query || body.query === 0) {
+            throw new Error('No answers');
+        }
+        const result = [body.query];
+        if (result.length === 0) {
+            throw new Error('No answers');
+        }
        resourceCache.set(id, result);
        return result;
    },
-    Cloudflare: async function (domain, type, noCache) {
+    Cloudflare: async function (domain, type, noCache, timeout) {
        const id = hex_md5(`CLOUDFLARE:${domain}:${type}`);
        const cached = resourceCache.get(id);
        if (!noCache && cached) return cached;
@@ -444,80 +483,112 @@ const DOMAIN_RESOLVERS = {
            headers: {
                accept: 'application/dns-json',
            },
+            timeout,
        });
        const body = JSON.parse(resp.body);
        if (body['Status'] !== 0) {
            throw new Error(`Status is ${body['Status']}`);
        }
        const answers = body['Answer'];
-        if (answers.length === 0) {
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers.map((i) => i?.data).filter((i) => i);
+        if (result.length === 0) {
            throw new Error('No answers');
        }
-        const result = answers[answers.length - 1].data;
        resourceCache.set(id, result);
        return result;
    },
-    Ali: async function (domain, type, noCache) {
+    Ali: async function (domain, type, noCache, timeout, edns) {
        const id = hex_md5(`ALI:${domain}:${type}`);
        const cached = resourceCache.get(id);
        if (!noCache && cached) return cached;
        const resp = await $.http.get({
-            url: `http://223.6.6.6/resolve?name=${encodeURIComponent(
+            url: `http://223.6.6.6/resolve?edns_client_subnet=${edns}/24&name=${encodeURIComponent(
                domain,
            )}&type=${type === 'IPv6' ? 'AAAA' : 'A'}&short=1`,
            headers: {
                accept: 'application/dns-json',
            },
+            timeout,
        });
        const answers = JSON.parse(resp.body);
-        if (answers.length === 0) {
+        if (!Array.isArray(answers) || answers.length === 0) {
+            throw new Error('No answers');
+        }
+        const result = answers;
+        if (result.length === 0) {
            throw new Error('No answers');
        }
-        const result = answers[answers.length - 1];
        resourceCache.set(id, result);
        return result;
    },
-    Tencent: async function (domain, type, noCache) {
-        const id = hex_md5(`ALI:${domain}:${type}`);
+    Tencent: async function (domain, type, noCache, timeout, edns) {
+        const id = hex_md5(`TENCENT:${domain}:${type}`);
        const cached = resourceCache.get(id);
        if (!noCache && cached) return cached;
        const resp = await $.http.get({
-            url: `http://119.28.28.28/d?type=${
+            url: `http://119.28.28.28/d?ip=${edns}&type=${
                type === 'IPv6' ? 'AAAA' : 'A'
            }&dn=${encodeURIComponent(domain)}`,
            headers: {
                accept: 'application/dns-json',
            },
+            timeout,
        });
        const answers = resp.body.split(';').map((i) => i.split(',')[0]);
        if (answers.length === 0 || String(answers) === '0') {
            throw new Error('No answers');
        }
-        const result = answers[answers.length - 1];
+        const result = answers;
+        if (result.length === 0) {
+            throw new Error('No answers');
+        }
        resourceCache.set(id, result);
        return result;
    },
 };

-function ResolveDomainOperator({ provider, type: _type, filter, cache }) {
+function ResolveDomainOperator({
+    provider,
+    type: _type,
+    filter,
+    cache,
+    url,
+    timeout,
+    edns: _edns,
+}) {
    if (['IPv6', 'IP4P'].includes(_type) && ['IP-API'].includes(provider)) {
        throw new Error(`域名解析服务提供方 ${provider} 不支持 ${_type}`);
    }
+    const { defaultTimeout } = $.read(SETTINGS_KEY);
+    const requestTimeout = timeout || defaultTimeout;
    let type = ['IPv6', 'IP4P'].includes(_type) ? 'IPv6' : 'IPv4';

    const resolver = DOMAIN_RESOLVERS[provider];
    if (!resolver) {
        throw new Error(`找不到域名解析服务提供方: ${provider}`);
    }
+    let edns = _edns || '223.6.6.6';
+    if (!isIP(edns)) throw new Error(`域名解析 EDNS 应为 IP`);
+    $.info(
+        `Domain Resolver: [${_type}] ${provider} ${edns || ''} ${url || ''}`,
+    );
    return {
        name: 'Resolve Domain Operator',
        func: async (proxies) => {
+            proxies.forEach((p, i) => {
+                if (!p['_no-resolve'] && p['no-resolve']) {
+                    proxies[i]['_no-resolve'] = p['no-resolve'];
+                }
+            });
            const results = {};
            const limit = 15; // more than 20 concurrency may result in surge TCP connection shortage.
            const totalDomain = [
                ...new Set(
                    proxies
-                        .filter((p) => !isIP(p.server) && !p['no-resolve'])
+                        .filter((p) => !isIP(p.server) && !p['_no-resolve'])
                        .map((c) => c.server),
                ),
            ];
@@ -526,7 +597,14 @@ function ResolveDomainOperator({ provider, type: _type, filter, cache }) {
                const currentBatch = [];
                for (let domain of totalDomain.splice(0, limit)) {
                    currentBatch.push(
-                        resolver(domain, type, cache === 'disabled')
+                        resolver(
+                            domain,
+                            type,
+                            cache === 'disabled',
+                            requestTimeout,
+                            edns,
+                            url,
+                        )
                            .then((ip) => {
                                results[domain] = ip;
                                $.info(
@@ -543,34 +621,58 @@ function ResolveDomainOperator({ provider, type: _type, filter, cache }) {
                await Promise.all(currentBatch);
            }
            proxies.forEach((p) => {
-                if (!p['no-resolve']) {
+                if (!p['_no-resolve']) {
                    if (results[p.server]) {
-                        if (_type === 'IP4P') {
-                            const { server, port } = parseIP4P(
-                                results[p.server],
-                            );
-                            if (server && port) {
+                        p._resolved_ips = results[p.server];
+                        let ip = Array.isArray(results[p.server])
+                            ? results[p.server][
+                                  Math.floor(
+                                      Math.random() * results[p.server].length,
+                                  )
+                              ]
+                            : results[p.server];
+                        if (type === 'IPv6' && isIPv6(ip)) {
+                            try {
+                                ip = new ipAddress.Address6(ip).correctForm();
+                            } catch (e) {
+                                $.error(
+                                    `Failed to parse IPv6 address: ${ip}: ${e}`,
+                                );
+                            }
+                            if (/^2001::[^:]+:[^:]+:[^:]+$/.test(ip)) {
+                                p._IP4P = ip;
+                                const { server, port } = parseIP4P(ip);
+                                if (server && port) {
+                                    p._domain = p.server;
+                                    p.server = server;
+                                    p.port = port;
+                                    p.resolved = true;
+                                    p._IPv4 = p.server;
+                                    if (!isIP(p._IP)) {
+                                        p._IP = p.server;
+                                    }
+                                } else if (!p.resolved) {
+                                    p.resolved = false;
+                                }
+                            } else {
                                p._domain = p.server;
-                                p.server = server;
-                                p.port = port;
+                                p.server = ip;
                                p.resolved = true;
-                                p._IPv4 = p.server;
+                                p[`_${type}`] = p.server;
                                if (!isIP(p._IP)) {
                                    p._IP = p.server;
                                }
-                            } else {
-                                p.resolved = false;
                            }
                        } else {
                            p._domain = p.server;
-                            p.server = results[p.server];
+                            p.server = ip;
                            p.resolved = true;
                            p[`_${type}`] = p.server;
                            if (!isIP(p._IP)) {
                                p._IP = p.server;
                            }
                        }
-                    } else {
+                    } else if (!p.resolved) {
                        p.resolved = false;
                    }
                }
@@ -578,7 +680,7 @@ function ResolveDomainOperator({ provider, type: _type, filter, cache }) {

            return proxies.filter((p) => {
                if (filter === 'removeFailed') {
-                    return isIP(p.server) || p['no-resolve'] || p.resolved;
+                    return isIP(p.server) || p['_no-resolve'] || p.resolved;
                } else if (filter === 'IPOnly') {
                    return isIP(p.server);
                } else if (filter === 'IPv4Only') {
@@ -864,13 +966,6 @@ function clone(object) {
    return JSON.parse(JSON.stringify(object));
 }

-// remove flag
-function removeFlag(str) {
-    return str
-        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]/g, '')
-        .trim();
-}
-
 function createDynamicFunction(name, script, $arguments) {
    const flowUtils = {
        getFlowField,
@@ -892,6 +987,7 @@ function createDynamicFunction(name, script, $arguments) {
            'scriptResourceCache',
            'flowUtils',
            'produceArtifact',
+            'require',
            `${script}\n return ${name}`,
        )(
            $arguments,
@@ -907,6 +1003,7 @@ function createDynamicFunction(name, script, $arguments) {
            scriptResourceCache,
            flowUtils,
            produceArtifact,
+            require,
        );
    } else {
        return new Function(
@@ -917,6 +1014,7 @@ function createDynamicFunction(name, script, $arguments) {
            'scriptResourceCache',
            'flowUtils',
            'produceArtifact',
+            'require',

            `${script}\n return ${name}`,
        )(
@@ -927,6 +1025,7 @@ function createDynamicFunction(name, script, $arguments) {
            scriptResourceCache,
            flowUtils,
            produceArtifact,
+            require,
        );
    }
 }
--- a/backend/src/core/proxy-utils/producers/clash.js
+++ b/backend/src/core/proxy-utils/producers/clash.js
@@ -133,9 +133,13 @@ export default function Clash_Producer() {
                    }
                }
                if (
-                    ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                        proxy.type,
-                    )
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
                ) {
                    delete proxy.tls;
                }
@@ -158,6 +162,7 @@ export default function Clash_Producer() {
                delete proxy.collectionName;
                delete proxy.id;
                delete proxy.resolved;
+                delete proxy['no-resolve'];
                for (const key in proxy) {
                    if (proxy[key] == null || /^_/i.test(key)) {
                        delete proxy[key];
--- a/backend/src/core/proxy-utils/producers/clashmeta.js
+++ b/backend/src/core/proxy-utils/producers/clashmeta.js
@@ -149,9 +149,13 @@ export default function ClashMeta_Producer() {
                    }
                }
                if (
-                    ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                        proxy.type,
-                    )
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
                ) {
                    delete proxy.tls;
                }
@@ -173,6 +177,7 @@ export default function ClashMeta_Producer() {
                delete proxy.collectionName;
                delete proxy.id;
                delete proxy.resolved;
+                delete proxy['no-resolve'];
                for (const key in proxy) {
                    if (proxy[key] == null || /^_/i.test(key)) {
                        delete proxy[key];
--- a/backend/src/core/proxy-utils/producers/loon.js
+++ b/backend/src/core/proxy-utils/producers/loon.js
@@ -153,6 +153,14 @@ function trojan(proxy) {

    // sni
    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );

    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
@@ -215,6 +223,14 @@ function vmess(proxy) {

    // sni
    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );

    // AEAD
    if (isPresent(proxy, 'aead')) {
@@ -286,6 +302,14 @@ function vless(proxy) {

    // sni
    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );

    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');
@@ -339,6 +363,11 @@ function socks5(proxy) {
    // tfo
    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');

+    // udp
+    if (proxy.udp) {
+        result.append(`,udp=true`);
+    }
+
    return result.toString();
 }

@@ -408,8 +437,8 @@ function wireguard(proxy) {
 }

 function hysteria2(proxy) {
-    if (proxy.obfs || proxy['obfs-password']) {
-        throw new Error(`obfs is unsupported`);
+    if (proxy['obfs-password'] && proxy.obfs != 'salamander') {
+        throw new Error(`only salamander obfs is supported`);
    }
    const result = new Result(proxy);
    result.append(`${proxy.name}=Hysteria2,${proxy.server},${proxy.port}`);
@@ -418,11 +447,23 @@ function hysteria2(proxy) {

    // sni
    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+    result.appendIfPresent(
+        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+        'tls-fingerprint',
+    );
+    result.appendIfPresent(
+        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+        'tls-pubkey-sha256',
+    );
    result.appendIfPresent(
        `,skip-cert-verify=${proxy['skip-cert-verify']}`,
        'skip-cert-verify',
    );

+    if (proxy['obfs-password'] && proxy.obfs == 'salamander') {
+        result.append(`,salamander-password=${proxy['obfs-password']}`);
+    }
+
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

--- a/backend/src/core/proxy-utils/producers/shadowrocket.js
+++ b/backend/src/core/proxy-utils/producers/shadowrocket.js
@@ -152,9 +152,13 @@ export default function ShadowRocket_Producer() {
                    }
                }
                if (
-                    ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                        proxy.type,
-                    )
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
                ) {
                    delete proxy.tls;
                }
@@ -176,6 +180,7 @@ export default function ShadowRocket_Producer() {
                delete proxy.collectionName;
                delete proxy.id;
                delete proxy.resolved;
+                delete proxy['no-resolve'];
                for (const key in proxy) {
                    if (proxy[key] == null || /^_/i.test(key)) {
                        delete proxy[key];
--- a/backend/src/core/proxy-utils/producers/sing-box.js
+++ b/backend/src/core/proxy-utils/producers/sing-box.js
@@ -202,8 +202,8 @@ const tlsParser = (proxy, parsedProxy) => {
        parsedProxy.tls.alpn = [proxy.alpn];
    } else if (Array.isArray(proxy.alpn)) parsedProxy.tls.alpn = proxy.alpn;
    if (proxy.ca) parsedProxy.tls.certificate_path = `${proxy.ca}`;
-    if (proxy.ca_str) parsedProxy.tls.certificate = proxy.ca_sStr;
-    if (proxy['ca-str']) parsedProxy.tls.certificate = proxy['ca-str'];
+    if (proxy.ca_str) parsedProxy.tls.certificate = [proxy.ca_str];
+    if (proxy['ca-str']) parsedProxy.tls.certificate = [proxy['ca-str']];
    if (proxy['client-fingerprint'] && proxy['client-fingerprint'] !== '')
        parsedProxy.tls.utls = {
            enabled: true,
--- a/backend/src/core/proxy-utils/producers/stash.js
+++ b/backend/src/core/proxy-utils/producers/stash.js
@@ -21,6 +21,8 @@ export default function Stash_Producer() {
                        'wireguard',
                        'hysteria',
                        'hysteria2',
+                        'ssh',
+                        'juicity',
                    ].includes(proxy.type) ||
                    (proxy.type === 'ss' &&
                        ![
@@ -232,14 +234,18 @@ export default function Stash_Producer() {
                    }
                }
                if (
-                    ['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(
-                        proxy.type,
-                    )
+                    [
+                        'trojan',
+                        'tuic',
+                        'hysteria',
+                        'hysteria2',
+                        'juicity',
+                    ].includes(proxy.type)
                ) {
                    delete proxy.tls;
                }
                if (proxy['tls-fingerprint']) {
-                    proxy.fingerprint = proxy['tls-fingerprint'];
+                    proxy['server-cert-fingerprint'] = proxy['tls-fingerprint'];
                }
                delete proxy['tls-fingerprint'];

@@ -265,6 +271,7 @@ export default function Stash_Producer() {
                delete proxy.collectionName;
                delete proxy.id;
                delete proxy.resolved;
+                delete proxy['no-resolve'];
                for (const key in proxy) {
                    if (proxy[key] == null || /^_/i.test(key)) {
                        delete proxy[key];
--- a/backend/src/core/proxy-utils/producers/surfboard.js
+++ b/backend/src/core/proxy-utils/producers/surfboard.js
@@ -6,7 +6,7 @@ const targetPlatform = 'Surfboard';

 export default function Surfboard_Producer() {
    const produce = (proxy) => {
-        proxy.name = proxy.name.replace(/=/g, '');
+        proxy.name = proxy.name.replace(/=|,/g, '');
        switch (proxy.type) {
            case 'ss':
                return shadowsocks(proxy);
--- a/backend/src/core/proxy-utils/producers/surge.js
+++ b/backend/src/core/proxy-utils/producers/surge.js
@@ -14,13 +14,14 @@ const ipVersions = {

 export default function Surge_Producer() {
    const produce = (proxy, type, opts = {}) => {
+        proxy.name = proxy.name.replace(/=|,/g, '');
        switch (proxy.type) {
            case 'ss':
                return shadowsocks(proxy);
            case 'trojan':
                return trojan(proxy);
            case 'vmess':
-                return vmess(proxy);
+                return vmess(proxy, opts['include-unsupported-proxy']);
            case 'http':
                return http(proxy);
            case 'socks5':
@@ -263,7 +264,7 @@ function trojan(proxy) {
    return result.toString();
 }

-function vmess(proxy) {
+function vmess(proxy, includeUnsupportedProxy) {
    const result = new Result(proxy);
    result.append(`${proxy.name}=${proxy.type},${proxy.server},${proxy.port}`);
    result.appendIfPresent(`,username=${proxy.uuid}`, 'uuid');
@@ -277,7 +278,7 @@ function vmess(proxy) {
    );

    // transport
-    handleTransport(result, proxy);
+    handleTransport(result, proxy, includeUnsupportedProxy);

    // AEAD
    if (isPresent(proxy, 'aead')) {
@@ -762,8 +763,8 @@ function wireguard(proxy) {
    }
    const result = new Result(proxy);

-    result.append(`# WireGuard Proxy ${proxy.name}
-${proxy.name}=wireguard`);
+    result.append(`# > WireGuard Proxy ${proxy.name}
+# ${proxy.name}=wireguard`);

    proxy['section-name'] = getIfNotBlank(proxy['section-name'], proxy.name);

@@ -821,7 +822,7 @@ ${proxy.name}=wireguard`);
    );

    result.append(`
-# WireGuard Section ${proxy.name}
+# > WireGuard Section ${proxy.name}
 [WireGuard ${proxy['section-name']}]
 private-key = ${proxy['private-key']}`);

@@ -1012,7 +1013,7 @@ function hysteria2(proxy) {
    return result.toString();
 }

-function handleTransport(result, proxy) {
+function handleTransport(result, proxy, includeUnsupportedProxy) {
    if (isPresent(proxy, 'network')) {
        if (proxy.network === 'ws') {
            result.append(`,ws=true`);
@@ -1038,7 +1039,13 @@ function handleTransport(result, proxy) {
                }
            }
        } else {
-            throw new Error(`network ${proxy.network} is unsupported`);
+            if (includeUnsupportedProxy && ['http'].includes(proxy.network)) {
+                $.info(
+                    `Include Unsupported Proxy: nework ${proxy.network} -> tcp`,
+                );
+            } else {
+                throw new Error(`network ${proxy.network} is unsupported`);
+            }
        }
    }
 }
--- a/backend/src/core/proxy-utils/producers/surgemac.js
+++ b/backend/src/core/proxy-utils/producers/surgemac.js
@@ -1,6 +1,6 @@
-import { Result } from './utils';
+import { Result, isPresent } from './utils';
 import Surge_Producer from './surge';
-import { isIPv4, isIPv6, isPresent } from '@/utils';
+import { isIPv4, isIPv6 } from '@/utils';
 import $ from '@/core/app';

 const targetPlatform = 'SurgeMac';
@@ -84,6 +84,7 @@ function shadowsocksr(proxy) {
    for (const [key, value] of Object.entries({
        cipher: '-m',
        obfs: '-o',
+        'obfs-param': '-g',
        password: '-k',
        port: '-p',
        protocol: '-O',
@@ -92,8 +93,10 @@ function shadowsocksr(proxy) {
        'local-port': '-l',
        'local-address': '-b',
    })) {
-        external_proxy.args.push(value);
-        external_proxy.args.push(external_proxy[key]);
+        if (external_proxy[key] != null) {
+            external_proxy.args.push(value);
+            external_proxy.args.push(external_proxy[key]);
+        }
    }

    return external(external_proxy);
--- a/backend/src/core/proxy-utils/producers/uri.js
+++ b/backend/src/core/proxy-utils/producers/uri.js
@@ -10,12 +10,17 @@ export default function URI_Producer() {
        delete proxy.collectionName;
        delete proxy.id;
        delete proxy.resolved;
+        delete proxy['no-resolve'];
        for (const key in proxy) {
            if (proxy[key] == null || /^_/i.test(key)) {
                delete proxy[key];
            }
        }
-        if (['trojan', 'tuic', 'hysteria', 'hysteria2'].includes(proxy.type)) {
+        if (
+            ['trojan', 'tuic', 'hysteria', 'hysteria2', 'juicity'].includes(
+                proxy.type,
+            )
+        ) {
            delete proxy.tls;
        }
        if (proxy.server && isIPv6(proxy.server)) {
@@ -26,7 +31,7 @@ export default function URI_Producer() {
                const userinfo = `${proxy.cipher}:${proxy.password}`;
                result = `ss://${Base64.encode(userinfo)}@${proxy.server}:${
                    proxy.port
-                }/`;
+                }${proxy.plugin ? '/' : ''}`;
                if (proxy.plugin) {
                    result += '?plugin=';
                    const opts = proxy['plugin-opts'];
@@ -55,7 +60,9 @@ export default function URI_Producer() {
                    result = `${result}${proxy.plugin ? '&' : '?'}uot=1`;
                }
                if (proxy.tfo) {
-                    result = `${result}${proxy.plugin ? '&' : '?'}tfo=1`;
+                    result = `${result}${
+                        proxy.plugin || proxy['udp-over-tcp'] ? '&' : '?'
+                    }tfo=1`;
                }
                result += `#${encodeURIComponent(proxy.name)}`;
                break;
@@ -82,6 +89,11 @@ export default function URI_Producer() {
                if (proxy.network === 'http') {
                    net = 'tcp';
                    type = 'http';
+                } else if (
+                    proxy.network === 'ws' &&
+                    proxy['ws-opts']?.['v2ray-http-upgrade']
+                ) {
+                    net = 'httpupgrade';
                }
                result = {
                    v: '2',
@@ -170,9 +182,15 @@ export default function URI_Producer() {
                if (proxy.flow) {
                    flow = `&flow=${encodeURIComponent(proxy.flow)}`;
                }
-                let vlessTransport = `&type=${encodeURIComponent(
-                    proxy.network,
-                )}`;
+                let vlessType = proxy.network;
+                if (
+                    proxy.network === 'ws' &&
+                    proxy['ws-opts']?.['v2ray-http-upgrade']
+                ) {
+                    vlessType = 'httpupgrade';
+                }
+
+                let vlessTransport = `&type=${encodeURIComponent(vlessType)}`;
                if (['grpc'].includes(proxy.network)) {
                    // https://github.com/XTLS/Xray-core/issues/91
                    vlessTransport += `&mode=${encodeURIComponent(
@@ -218,7 +236,14 @@ export default function URI_Producer() {
            case 'trojan':
                let trojanTransport = '';
                if (proxy.network) {
-                    trojanTransport = `&type=${proxy.network}`;
+                    let trojanType = proxy.network;
+                    if (
+                        proxy.network === 'ws' &&
+                        proxy['ws-opts']?.['v2ray-http-upgrade']
+                    ) {
+                        trojanType = 'httpupgrade';
+                    }
+                    trojanTransport = `&type=${encodeURIComponent(trojanType)}`;
                    if (['grpc'].includes(proxy.network)) {
                        let trojanTransportServiceName =
                            proxy[`${proxy.network}-opts`]?.[
--- a/backend/src/core/proxy-utils/producers/v2ray.js
+++ b/backend/src/core/proxy-utils/producers/v2ray.js
@@ -1,12 +1,30 @@
 /* eslint-disable no-case-declarations */
 import { Base64 } from 'js-base64';
 import URI_Producer from './uri';
+import $ from '@/core/app';

 const URI = URI_Producer();

 export default function V2Ray_Producer() {
    const type = 'ALL';
-    const produce = (proxies) =>
-        Base64.encode(proxies.map((proxy) => URI.produce(proxy)).join('\n'));
+    const produce = (proxies) => {
+        let result = [];
+        proxies.map((proxy) => {
+            try {
+                result.push(URI.produce(proxy));
+            } catch (err) {
+                $.error(
+                    `Cannot produce proxy: ${JSON.stringify(
+                        proxy,
+                        null,
+                        2,
+                    )}\nReason: ${err}`,
+                );
+            }
+        });
+
+        return Base64.encode(result.join('\n'));
+    };
+
    return { type, produce };
 }
--- a/backend/src/products/cron-sync-artifacts.js
+++ b/backend/src/products/cron-sync-artifacts.js
@@ -11,17 +11,65 @@ import { syncToGist } from '@/restful/artifacts';
 import { findByName } from '@/utils/database';

 !(async function () {
-    const settings = $.read(SETTINGS_KEY);
-    // if GitHub token is not configured
-    if (!settings.githubUser || !settings.gistToken) return;
+    let arg;
+    if (typeof $argument != 'undefined') {
+        arg = Object.fromEntries(
+            // eslint-disable-next-line no-undef
+            $argument.split('&').map((item) => item.split('=')),
+        );
+    } else {
+        arg = {};
+    }
+    let sub_names = (arg?.subscription ?? arg?.sub ?? '')
+        .split(/,|，/g)
+        .map((i) => i.trim())
+        .filter((i) => i.length > 0)
+        .map((i) => decodeURIComponent(i));
+    let col_names = (arg?.collection ?? arg?.col ?? '')
+        .split(/,|，/g)
+        .map((i) => i.trim())
+        .filter((i) => i.length > 0)
+        .map((i) => decodeURIComponent(i));
+    if (sub_names.length > 0 || col_names.length > 0) {
+        if (sub_names.length > 0)
+            await produceArtifacts(sub_names, 'subscription');
+        if (col_names.length > 0)
+            await produceArtifacts(col_names, 'collection');
+    } else {
+        const settings = $.read(SETTINGS_KEY);
+        // if GitHub token is not configured
+        if (!settings.githubUser || !settings.gistToken) return;

-    const artifacts = $.read(ARTIFACTS_KEY);
-    if (!artifacts || artifacts.length === 0) return;
+        const artifacts = $.read(ARTIFACTS_KEY);
+        if (!artifacts || artifacts.length === 0) return;

-    const shouldSync = artifacts.some((artifact) => artifact.sync);
-    if (shouldSync) await doSync();
+        const shouldSync = artifacts.some((artifact) => artifact.sync);
+        if (shouldSync) await doSync();
+    }
 })().finally(() => $.done());

+async function produceArtifacts(names, type) {
+    try {
+        if (names.length > 0) {
+            $.info(`produceArtifacts ${type} 开始: ${names.join(', ')}`);
+            await Promise.all(
+                names.map(async (name) => {
+                    try {
+                        await produceArtifact({
+                            type,
+                            name,
+                        });
+                    } catch (e) {
+                        $.error(`${type} ${name} error: ${e.message ?? e}`);
+                    }
+                }),
+            );
+            $.info(`produceArtifacts ${type} 完成: ${names.join(', ')}`);
+        }
+    } catch (e) {
+        $.error(`produceArtifacts error: ${e.message ?? e}`);
+    }
+}
 async function doSync() {
    console.log(
        `
@@ -69,6 +117,7 @@ async function doSync() {
                        await produceArtifact({
                            type: 'subscription',
                            name: subName,
+                            awaitCustomCache: true,
                        });
                    } catch (e) {
                        // $.error(`${e.message ?? e}`);
--- a/backend/src/restful/artifacts.js
+++ b/backend/src/restful/artifacts.js
@@ -253,7 +253,25 @@ async function syncToGist(files) {
        key: ARTIFACT_REPOSITORY_KEY,
        syncPlatform,
    });
-    return manager.upload(files);
+    const res = await manager.upload(files);
+    let body = {};
+    try {
+        body = JSON.parse(res.body);
+        // eslint-disable-next-line no-empty
+    } catch (e) {}
+
+    const url = body?.html_url ?? body?.web_url;
+    const settings = $.read(SETTINGS_KEY);
+    if (url) {
+        $.log(`同步 Gist 后, 找到 Sub-Store Gist: ${url}`);
+        settings.artifactStore = url;
+        settings.artifactStoreStatus = 'VALID';
+    } else {
+        $.error(`同步 Gist 后, 找不到 Sub-Store Gist`);
+        settings.artifactStoreStatus = 'NOT FOUND';
+    }
+    $.write(settings, SETTINGS_KEY);
+    return res;
 }

 export { syncToGist };
--- a/backend/src/restful/download.js
+++ b/backend/src/restful/download.js
@@ -55,7 +55,11 @@ async function downloadSubscription(req, res) {
    const platform =
        req.query.target || getPlatformFromHeaders(req.headers) || 'JSON';

-    $.info(`正在下载订阅：${name}`);
+    $.info(
+        `正在下载订阅：${name}\n请求 User-Agent: ${
+            req.headers['user-agent'] || req.headers['User-Agent']
+        }`,
+    );
    let {
        url,
        ua,
@@ -119,10 +123,11 @@ async function downloadSubscription(req, res) {
                ['localFirst', 'remoteFirst'].includes(sub.mergeSources)
            ) {
                try {
-                    url = `${url || sub.url}`
-                        .split(/[\r\n]+/)
-                        .map((i) => i.trim())
-                        .filter((i) => i.length)?.[0];
+                    url =
+                        `${url || sub.url}`
+                            .split(/[\r\n]+/)
+                            .map((i) => i.trim())
+                            .filter((i) => i.length)?.[0] || '';

                    let $arguments = {};
                    const rawArgs = url.split('#');
@@ -152,6 +157,7 @@ async function downloadSubscription(req, res) {
                            $arguments.flowUserAgent,
                            undefined,
                            sub.proxy,
+                            $arguments.flowUrl,
                        );
                        if (flowInfo) {
                            res.set('subscription-userinfo', flowInfo);
@@ -228,7 +234,11 @@ async function downloadCollection(req, res) {
    const allCols = $.read(COLLECTIONS_KEY);
    const collection = findByName(allCols, name);

-    $.info(`正在下载组合订阅：${name}`);
+    $.info(
+        `正在下载组合订阅：${name}\n请求 User-Agent: ${
+            req.headers['user-agent'] || req.headers['User-Agent']
+        }`,
+    );

    let {
        ignoreFailedRemoteSub,
@@ -274,10 +284,11 @@ async function downloadCollection(req, res) {
                    ['localFirst', 'remoteFirst'].includes(sub.mergeSources)
                ) {
                    try {
-                        let url = `${sub.url}`
-                            .split(/[\r\n]+/)
-                            .map((i) => i.trim())
-                            .filter((i) => i.length)?.[0];
+                        let url =
+                            `${sub.url}`
+                                .split(/[\r\n]+/)
+                                .map((i) => i.trim())
+                                .filter((i) => i.length)?.[0] || '';

                        let $arguments = {};
                        const rawArgs = url.split('#');
@@ -306,6 +317,7 @@ async function downloadCollection(req, res) {
                                $arguments.flowUserAgent,
                                undefined,
                                sub.proxy,
+                                $arguments.flowUrl,
                            );
                            if (flowInfo) {
                                res.set('subscription-userinfo', flowInfo);
@@ -469,7 +481,11 @@ function nezhaTransform(output) {
        // 简单判断下
        if (/^[a-z]{2}$/i.test(CountryCode)) {
            // 如果节点上有数据 就取节点上的数据
-            let time = proxy._unavailable ? 0 : Date.now();
+            let now = Math.round(new Date().getTime() / 1000);
+            let time = proxy._unavailable ? 0 : now;
+
+            const uptime = parseInt(proxy._uptime || 0, 10);
+
            result.result.push({
                id: index,
                name: proxy.name,
@@ -489,7 +505,7 @@ function nezhaTransform(output) {
                    SwapTotal: 1024,
                    Arch: '',
                    Virtualization: '',
-                    BootTime: time,
+                    BootTime: now - uptime,
                    CountryCode, // 目前需要
                    Version: '0.0.1',
                },
@@ -502,7 +518,7 @@ function nezhaTransform(output) {
                    NetOutTransfer: 0,
                    NetInSpeed: 0,
                    NetOutSpeed: 0,
-                    Uptime: parseInt(proxy._uptime ?? index, 10),
+                    Uptime: uptime,
                    Load1: 0,
                    Load5: 0,
                    Load15: 0,
--- a/backend/src/restful/file.js
+++ b/backend/src/restful/file.js
@@ -1,4 +1,5 @@
 import { deleteByName, findByName, updateByName } from '@/utils/database';
+import { getFlowHeaders } from '@/utils/flow';
 import { FILES_KEY } from '@/constants';
 import { failed, success } from '@/restful/response';
 import $ from '@/core/app';
@@ -50,7 +51,15 @@ async function getFile(req, res) {
    name = decodeURIComponent(name);

    $.info(`正在下载文件：${name}`);
-    let { url, ua, content, mergeSources, ignoreFailedRemoteFile } = req.query;
+    let {
+        url,
+        subInfoUrl,
+        subInfoUserAgent,
+        ua,
+        content,
+        mergeSources,
+        ignoreFailedRemoteFile,
+    } = req.query;
    if (url) {
        url = decodeURIComponent(url);
        $.info(`指定远程文件 URL: ${url}`);
@@ -59,6 +68,14 @@ async function getFile(req, res) {
        ua = decodeURIComponent(ua);
        $.info(`指定远程文件 User-Agent: ${ua}`);
    }
+    if (subInfoUrl) {
+        subInfoUrl = decodeURIComponent(subInfoUrl);
+        $.info(`指定获取流量的 subInfoUrl: ${subInfoUrl}`);
+    }
+    if (subInfoUserAgent) {
+        subInfoUserAgent = decodeURIComponent(subInfoUserAgent);
+        $.info(`指定获取流量的 subInfoUserAgent: ${subInfoUserAgent}`);
+    }
    if (content) {
        content = decodeURIComponent(content);
        $.info(`指定本地文件: ${content}`);
@@ -86,6 +103,26 @@ async function getFile(req, res) {
                ignoreFailedRemoteFile,
            });

+            try {
+                subInfoUrl = subInfoUrl || file.subInfoUrl;
+                if (subInfoUrl) {
+                    // forward flow headers
+                    const flowInfo = await getFlowHeaders(
+                        subInfoUrl,
+                        subInfoUserAgent || file.subInfoUserAgent,
+                    );
+                    if (flowInfo) {
+                        res.set('subscription-userinfo', flowInfo);
+                    }
+                }
+            } catch (err) {
+                $.error(
+                    `文件 ${name} 获取流量信息时发生错误: ${JSON.stringify(
+                        err,
+                    )}`,
+                );
+            }
+
            res.set('Content-Type', 'text/plain; charset=utf-8').send(
                output ?? '',
            );
--- a/backend/src/restful/subscriptions.js
+++ b/backend/src/restful/subscriptions.js
@@ -34,6 +34,11 @@ export default function register($app) {
 async function getFlowInfo(req, res) {
    let { name } = req.params;
    name = decodeURIComponent(name);
+    let { url } = req.query;
+    if (url) {
+        url = decodeURIComponent(url);
+        $.info(`指定远程订阅 URL: ${url}`);
+    }
    const allSubs = $.read(SUBS_KEY);
    const sub = findByName(allSubs, name);
    if (!sub) {
@@ -68,10 +73,11 @@ async function getFlowInfo(req, res) {
        return;
    }
    try {
-        let url = `${sub.url}`
-            .split(/[\r\n]+/)
-            .map((i) => i.trim())
-            .filter((i) => i.length)?.[0];
+        url =
+            `${url || sub.url}`
+                .split(/[\r\n]+/)
+                .map((i) => i.trim())
+                .filter((i) => i.length)?.[0] || '';

        let $arguments = {};
        const rawArgs = url.split('#');
@@ -118,6 +124,7 @@ async function getFlowInfo(req, res) {
                $arguments.flowUserAgent,
                undefined,
                sub.proxy,
+                $arguments.flowUrl,
            );
            if (!flowHeaders) {
                failed(
@@ -181,11 +188,21 @@ function createSubscription(req, res) {

 function getSubscription(req, res) {
    let { name } = req.params;
+    let { raw } = req.query;
    name = decodeURIComponent(name);
    const allSubs = $.read(SUBS_KEY);
    const sub = findByName(allSubs, name);
    if (sub) {
-        success(res, sub);
+        if (raw) {
+            res.set('content-type', 'application/json')
+                .set(
+                    'content-disposition',
+                    `attachment; filename="${encodeURIComponent(name)}.json"`,
+                )
+                .send(JSON.stringify(sub));
+        } else {
+            success(res, sub);
+        }
    } else {
        failed(
            res,
--- a/backend/src/restful/sync.js
+++ b/backend/src/restful/sync.js
@@ -36,6 +36,7 @@ async function produceArtifact({
    produceType,
    produceOpts = {},
    subscription,
+    awaitCustomCache,
 }) {
    platform = platform || 'JSON';

@@ -67,6 +68,8 @@ async function produceArtifact({
                                ua || sub.ua,
                                undefined,
                                sub.proxy,
+                                undefined,
+                                awaitCustomCache,
                            );
                        } catch (err) {
                            errors[url] = err;
@@ -112,6 +115,8 @@ async function produceArtifact({
                                ua || sub.ua,
                                undefined,
                                sub.proxy,
+                                undefined,
+                                awaitCustomCache,
                            );
                        } catch (err) {
                            errors[url] = err;
@@ -503,6 +508,7 @@ async function syncArtifacts() {
                        await produceArtifact({
                            type: 'subscription',
                            name: subName,
+                            awaitCustomCache: true,
                        });
                    } catch (e) {
                        // $.error(`${e.message ?? e}`);
--- a/backend/src/utils/dns.js
+++ b/backend/src/utils/dns.js
@@ -0,0 +1,49 @@
+import $ from '@/core/app';
+import dnsPacket from 'dns-packet';
+import { Buffer } from 'buffer';
+
+export async function doh({ url, domain, type = 'A', timeout, edns }) {
+    const buf = dnsPacket.encode({
+        type: 'query',
+        id: 0,
+        flags: dnsPacket.RECURSION_DESIRED,
+        questions: [
+            {
+                type,
+                name: domain,
+            },
+        ],
+        additionals: [
+            {
+                type: 'OPT',
+                name: '.',
+                udpPayloadSize: 4096,
+                flags: 0,
+                options: [
+                    {
+                        code: 'CLIENT_SUBNET',
+                        ip: edns,
+                        sourcePrefixLength: 24,
+                        scopePrefixLength: 0,
+                    },
+                ],
+            },
+        ],
+    });
+    const res = await $.http.get({
+        url: `${url}?dns=${buf
+            .toString('base64')
+            .toString('utf-8')
+            .replace(/=/g, '')}`,
+        headers: {
+            Accept: 'application/dns-message',
+            // 'Content-Type': 'application/dns-message',
+        },
+        // body: buf,
+        'binary-mode': true,
+        encoding: null, // 使用 null 编码以确保响应是原始二进制数据
+        timeout,
+    });
+
+    return dnsPacket.decode(Buffer.from($.env.isQX ? res.bodyBytes : res.body));
+}
--- a/backend/src/utils/download.js
+++ b/backend/src/utils/download.js
@@ -14,7 +14,14 @@ import $ from '@/core/app';

 const tasks = new Map();

-export default async function download(rawUrl, ua, timeout, proxy) {
+export default async function download(
+    rawUrl = '',
+    ua,
+    timeout,
+    proxy,
+    skipCustomCache,
+    awaitCustomCache,
+) {
    let $arguments = {};
    let url = rawUrl.replace(/#noFlow$/, '');
    const rawArgs = url.split('#');
@@ -35,10 +42,68 @@ export default async function download(rawUrl, ua, timeout, proxy) {
            }
        }
    }
+    const { isNode, isStash, isLoon, isShadowRocket, isQX } = ENV();
+    const { defaultUserAgent, defaultTimeout, cacheThreshold } =
+        $.read(SETTINGS_KEY);
+    const userAgent = ua || defaultUserAgent || 'clash.meta';
+    const requestTimeout = timeout || defaultTimeout;
+    const id = hex_md5(userAgent + url);
+
    const customCacheKey = $arguments?.cacheKey
        ? `#sub-store-cached-custom-${$arguments?.cacheKey}`
        : undefined;

+    if (customCacheKey && !skipCustomCache) {
+        const customCached = $.read(customCacheKey);
+        const cached = resourceCache.get(id);
+        if (!$arguments?.noCache && cached) {
+            $.info(
+                `乐观缓存: URL ${url}\n存在有效的常规缓存\n使用常规缓存以避免重复请求`,
+            );
+            return cached;
+        }
+        if (customCached) {
+            if (awaitCustomCache) {
+                $.info(`乐观缓存: URL ${url}\n本次进行请求 尝试更新缓存`);
+                try {
+                    await download(
+                        rawUrl.replace(/(\?|&)cacheKey=.*?(&|$)/, ''),
+                        ua,
+                        timeout,
+                        proxy,
+                        true,
+                    );
+                } catch (e) {
+                    $.error(
+                        `乐观缓存: URL ${url} 更新缓存发生错误 ${
+                            e.message ?? e
+                        }`,
+                    );
+                    $.info('使用乐观缓存的数据刷新缓存, 防止后续请求');
+                    resourceCache.set(id, customCached);
+                }
+            } else {
+                $.info(
+                    `乐观缓存: URL ${url}\n本次返回自定义缓存 ${$arguments?.cacheKey}\n并进行请求 尝试异步更新缓存`,
+                );
+                download(
+                    rawUrl.replace(/(\?|&)cacheKey=.*?(&|$)/, ''),
+                    ua,
+                    timeout,
+                    proxy,
+                    true,
+                ).catch((e) => {
+                    $.error(
+                        `乐观缓存: URL ${url} 异步更新缓存发生错误 ${
+                            e.message ?? e
+                        }`,
+                    );
+                });
+            }
+            return customCached;
+        }
+    }
+
    // const downloadUrlMatch = url.match(/^\/api\/(file|module)\/(.+)/);
    // if (downloadUrlMatch) {
    //     let type = downloadUrlMatch?.[1];
@@ -56,12 +121,6 @@ export default async function download(rawUrl, ua, timeout, proxy) {
    //     return item.content;
    // }

-    const { isNode, isStash, isLoon, isShadowRocket, isQX } = ENV();
-    const { defaultUserAgent, defaultTimeout, cacheThreshold } =
-        $.read(SETTINGS_KEY);
-    const userAgent = ua || defaultUserAgent || 'clash.meta';
-    const requestTimeout = timeout || defaultTimeout;
-    const id = hex_md5(userAgent + url);
    if (!isNode && tasks.has(id)) {
        return tasks.get(id);
    }
@@ -84,6 +143,10 @@ export default async function download(rawUrl, ua, timeout, proxy) {
    if (!$arguments?.noCache && cached) {
        $.info(`使用缓存: ${url}`);
        result = cached;
+        if (customCacheKey) {
+            $.info(`URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`);
+            $.write(cached, customCacheKey);
+        }
    } else {
        $.info(
            `Downloading...\nUser-Agent: ${userAgent}\nTimeout: ${requestTimeout}\nProxy: ${proxy}\nURL: ${url}`,
@@ -120,6 +183,9 @@ export default async function download(rawUrl, ua, timeout, proxy) {
            if (shouldCache) {
                resourceCache.set(id, body);
                if (customCacheKey) {
+                    $.info(
+                        `URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`,
+                    );
                    $.write(body, customCacheKey);
                }
            }
@@ -151,6 +217,7 @@ export default async function download(rawUrl, ua, timeout, proxy) {
                    $arguments.flowUserAgent,
                    undefined,
                    proxy,
+                    $arguments.flowUrl,
                ),
            ),
        );
--- a/backend/src/utils/env.js
+++ b/backend/src/utils/env.js
@@ -10,6 +10,7 @@ const {
    isShadowRocket,
    isLanceX,
    isEgern,
+    isGUIforCores,
 } = ENV();
 let backend = 'Node';
 if (isNode) backend = 'Node';
@@ -20,6 +21,7 @@ if (isStash) backend = 'Stash';
 if (isShadowRocket) backend = 'ShadowRocket';
 if (isEgern) backend = 'Egern';
 if (isLanceX) backend = 'LanceX';
+if (isGUIforCores) backend = 'GUI.for.Cores';

 let meta = {};

@@ -36,6 +38,10 @@ try {
        // eslint-disable-next-line no-undef
        meta.script = $script;
    }
+    if (typeof $Plugin !== 'undefined') {
+        // eslint-disable-next-line no-undef
+        meta.plugin = $Plugin;
+    }
    if (isNode) {
        meta.node = {
            version: eval('process.version'),
--- a/backend/src/utils/flow.js
+++ b/backend/src/utils/flow.js
@@ -10,8 +10,8 @@ export function getFlowField(headers) {
    )[0];
    return headers[subkey];
 }
-export async function getFlowHeaders(rawUrl, ua, timeout, proxy) {
-    let url = rawUrl;
+export async function getFlowHeaders(rawUrl, ua, timeout, proxy, flowUrl) {
+    let url = flowUrl || rawUrl || '';
    let $arguments = {};
    const rawArgs = url.split('#');
    url = url.split('#')[0];
@@ -48,60 +48,76 @@ export async function getFlowHeaders(rawUrl, ua, timeout, proxy) {
            'Quantumult%20X/1.0.30 (iPhone14,2; iOS 15.6)';
        const requestTimeout = timeout || defaultTimeout;
        const http = HTTP();
-        try {
+        if (flowUrl) {
            $.info(
-                `使用 HEAD 方法获取流量信息: ${url}, User-Agent: ${
+                `使用 GET 方法从响应体获取流量信息: ${flowUrl}, User-Agent: ${
                    userAgent || ''
                }`,
            );
-            const { headers } = await http.head({
-                url: url
-                    .split(/[\r\n]+/)
-                    .map((i) => i.trim())
-                    .filter((i) => i.length)[0],
-                headers: {
-                    'User-Agent': userAgent,
-                    ...(isStash && proxy
-                        ? {
-                              'X-Stash-Selected-Proxy':
-                                  encodeURIComponent(proxy),
-                          }
-                        : {}),
-                    ...(isShadowRocket && proxy
-                        ? { 'X-Surge-Policy': proxy }
-                        : {}),
-                },
-                timeout: requestTimeout,
-                ...(proxy ? { proxy } : {}),
-                ...(isLoon && proxy ? { node: proxy } : {}),
-                ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
-                ...(proxy ? getPolicyDescriptor(proxy) : {}),
-            });
-            flowInfo = getFlowField(headers);
-        } catch (e) {
-            $.error(
-                `使用 HEAD 方法获取流量信息失败: ${url}, User-Agent: ${
-                    userAgent || ''
-                }: ${e.message ?? e}`,
-            );
-        }
-        if (!flowInfo) {
-            $.info(
-                `使用 GET 方法获取流量信息: ${url}, User-Agent: ${
-                    userAgent || ''
-                }`,
-            );
-            const { headers } = await http.get({
-                url: url
-                    .split(/[\r\n]+/)
-                    .map((i) => i.trim())
-                    .filter((i) => i.length)[0],
+            const { body } = await http.get({
+                url: flowUrl,
                headers: {
                    'User-Agent': userAgent,
                },
                timeout: requestTimeout,
            });
-            flowInfo = getFlowField(headers);
+            flowInfo = body;
+        } else {
+            try {
+                $.info(
+                    `使用 HEAD 方法从响应头获取流量信息: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }`,
+                );
+                const { headers } = await http.head({
+                    url: url
+                        .split(/[\r\n]+/)
+                        .map((i) => i.trim())
+                        .filter((i) => i.length)[0],
+                    headers: {
+                        'User-Agent': userAgent,
+                        ...(isStash && proxy
+                            ? {
+                                  'X-Stash-Selected-Proxy':
+                                      encodeURIComponent(proxy),
+                              }
+                            : {}),
+                        ...(isShadowRocket && proxy
+                            ? { 'X-Surge-Policy': proxy }
+                            : {}),
+                    },
+                    timeout: requestTimeout,
+                    ...(proxy ? { proxy } : {}),
+                    ...(isLoon && proxy ? { node: proxy } : {}),
+                    ...(isQX && proxy ? { opts: { policy: proxy } } : {}),
+                    ...(proxy ? getPolicyDescriptor(proxy) : {}),
+                });
+                flowInfo = getFlowField(headers);
+            } catch (e) {
+                $.error(
+                    `使用 HEAD 方法从响应头获取流量信息失败: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }: ${e.message ?? e}`,
+                );
+            }
+            if (!flowInfo) {
+                $.info(
+                    `使用 GET 方法获取流量信息: ${url}, User-Agent: ${
+                        userAgent || ''
+                    }`,
+                );
+                const { headers } = await http.get({
+                    url: url
+                        .split(/[\r\n]+/)
+                        .map((i) => i.trim())
+                        .filter((i) => i.length)[0],
+                    headers: {
+                        'User-Agent': userAgent,
+                    },
+                    timeout: requestTimeout,
+                });
+                flowInfo = getFlowField(headers);
+            }
        }
        if (flowInfo) {
            headersResourceCache.set(url, flowInfo);
--- a/backend/src/utils/geo.js
+++ b/backend/src/utils/geo.js
@@ -1,3 +1,5 @@
+import $ from '@/core/app';
+
 const ISOFlags = {
    '🏳️‍🌈': ['EXP', 'BAND'],
    '🇸🇱': ['TEST', 'SOS'],
@@ -291,7 +293,7 @@ export function getFlag(name) {
            '沪俄',
            'Moscow',
        ],
-        '🇸🇦': ['Saudi', '沙特阿拉伯', '沙特'],
+        '🇸🇦': ['Saudi', '沙特阿拉伯', '沙特', 'Riyadh', '利雅得'],
        '🇸🇪': ['Sweden', '瑞典'],
        '🇸🇬': [
            'Singapore',
@@ -327,6 +329,7 @@ export function getFlag(name) {
            '台',
            '臺',
            'Taipei',
+            'Tai Wan',
        ],
        '🇺🇦': ['Ukraine', '乌克兰', '烏克蘭'],
        '🇺🇸': [
@@ -427,3 +430,48 @@ export function getFlag(name) {
 export function getISO(name) {
    return ISOFlags[getFlag(name)]?.[0];
 }
+
+// remove flag
+export function removeFlag(str) {
+    return str
+        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]|🏴‍☠️|🏳️‍🌈/g, '')
+        .trim();
+}
+
+export class MMDB {
+    constructor({ country, asn } = {}) {
+        if ($.env.isNode) {
+            const Reader = eval(`require("@maxmind/geoip2-node")`).Reader;
+            const fs = eval("require('fs')");
+            const countryFile =
+                country || eval('process.env.SUB_STORE_MMDB_COUNTRY_PATH');
+            const asnFile = asn || eval('process.env.SUB_STORE_MMDB_ASN_PATH');
+            // $.info(
+            //     `GeoLite2 Country MMDB: ${countryFile}, exists: ${fs.existsSync(
+            //         countryFile,
+            //     )}`,
+            // );
+            if (countryFile) {
+                this.countryReader = Reader.openBuffer(
+                    fs.readFileSync(countryFile),
+                );
+            }
+            // $.info(
+            //     `GeoLite2 ASN MMDB: ${asnFile}, exists: ${fs.existsSync(
+            //         asnFile,
+            //     )}`,
+            // );
+            if (asnFile) {
+                if (!fs.existsSync(asnFile))
+                    throw new Error('GeoLite2 ASN MMDB does not exist');
+                this.asnReader = Reader.openBuffer(fs.readFileSync(asnFile));
+            }
+        }
+    }
+    geoip(ip) {
+        return this.countryReader?.country(ip)?.country?.isoCode;
+    }
+    ipaso(ip) {
+        return this.asnReader?.asn(ip)?.autonomousSystemOrganization;
+    }
+}
--- a/backend/src/utils/gist.js
+++ b/backend/src/utils/gist.js
@@ -135,9 +135,9 @@ export default class Gist {
                    }
                }
            });
-            console.log(`result`, result);
-            console.log(`files`, files);
-            console.log(`actions`, actions);
+            // console.log(`result`, result);
+            // console.log(`files`, files);
+            // console.log(`actions`, actions);

            if (this.syncPlatform === 'gitlab') {
                if (Object.keys(result).length === 0) {
--- a/backend/src/utils/index.js
+++ b/backend/src/utils/index.js
@@ -1,3 +1,4 @@
+import * as ipAddress from 'ip-address';
 // source: https://stackoverflow.com/a/36760050
 const IPV4_REGEX = /^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}$/;

@@ -46,54 +47,72 @@ function getPolicyDescriptor(str) {
          };
 }

-const utf8ArrayToStr =
-    typeof TextDecoder !== 'undefined'
-        ? (v) => new TextDecoder().decode(new Uint8Array(v))
-        : (function () {
-              var charCache = new Array(128); // Preallocate the cache for the common single byte chars
-              var charFromCodePt = String.fromCodePoint || String.fromCharCode;
-              var result = [];
+// const utf8ArrayToStr =
+//     typeof TextDecoder !== 'undefined'
+//         ? (v) => new TextDecoder().decode(new Uint8Array(v))
+//         : (function () {
+//               var charCache = new Array(128); // Preallocate the cache for the common single byte chars
+//               var charFromCodePt = String.fromCodePoint || String.fromCharCode;
+//               var result = [];

-              return function (array) {
-                  var codePt, byte1;
-                  var buffLen = array.length;
+//               return function (array) {
+//                   var codePt, byte1;
+//                   var buffLen = array.length;

-                  result.length = 0;
+//                   result.length = 0;

-                  for (var i = 0; i < buffLen; ) {
-                      byte1 = array[i++];
+//                   for (var i = 0; i < buffLen; ) {
+//                       byte1 = array[i++];

-                      if (byte1 <= 0x7f) {
-                          codePt = byte1;
-                      } else if (byte1 <= 0xdf) {
-                          codePt = ((byte1 & 0x1f) << 6) | (array[i++] & 0x3f);
-                      } else if (byte1 <= 0xef) {
-                          codePt =
-                              ((byte1 & 0x0f) << 12) |
-                              ((array[i++] & 0x3f) << 6) |
-                              (array[i++] & 0x3f);
-                      } else if (String.fromCodePoint) {
-                          codePt =
-                              ((byte1 & 0x07) << 18) |
-                              ((array[i++] & 0x3f) << 12) |
-                              ((array[i++] & 0x3f) << 6) |
-                              (array[i++] & 0x3f);
-                      } else {
-                          codePt = 63; // Cannot convert four byte code points, so use "?" instead
-                          i += 3;
-                      }
+//                       if (byte1 <= 0x7f) {
+//                           codePt = byte1;
+//                       } else if (byte1 <= 0xdf) {
+//                           codePt = ((byte1 & 0x1f) << 6) | (array[i++] & 0x3f);
+//                       } else if (byte1 <= 0xef) {
+//                           codePt =
+//                               ((byte1 & 0x0f) << 12) |
+//                               ((array[i++] & 0x3f) << 6) |
+//                               (array[i++] & 0x3f);
+//                       } else if (String.fromCodePoint) {
+//                           codePt =
+//                               ((byte1 & 0x07) << 18) |
+//                               ((array[i++] & 0x3f) << 12) |
+//                               ((array[i++] & 0x3f) << 6) |
+//                               (array[i++] & 0x3f);
+//                       } else {
+//                           codePt = 63; // Cannot convert four byte code points, so use "?" instead
+//                           i += 3;
+//                       }

-                      result.push(
-                          charCache[codePt] ||
-                              (charCache[codePt] = charFromCodePt(codePt)),
-                      );
-                  }
+//                       result.push(
+//                           charCache[codePt] ||
+//                               (charCache[codePt] = charFromCodePt(codePt)),
+//                       );
+//                   }

-                  return result.join('');
-              };
-          })();
+//                   return result.join('');
+//               };
+//           })();
+
+function getRandomInt(min, max) {
+    min = Math.ceil(min);
+    max = Math.floor(max);
+    return Math.floor(Math.random() * (max - min + 1)) + min;
+}
+
+function getRandomPort(portString) {
+    let portParts = portString.split(/,|\//);
+    let randomPart = portParts[Math.floor(Math.random() * portParts.length)];
+    if (randomPart.includes('-')) {
+        let [min, max] = randomPart.split('-').map(Number);
+        return getRandomInt(min, max);
+    } else {
+        return Number(randomPart);
+    }
+}

 export {
+    ipAddress,
    isIPv4,
    isIPv6,
    isValidPortNumber,
@@ -101,6 +120,7 @@ export {
    getIfNotBlank,
    isPresent,
    getIfPresent,
-    utf8ArrayToStr,
+    // utf8ArrayToStr,
    getPolicyDescriptor,
+    getRandomPort,
 };
--- a/backend/src/utils/rs.js
+++ b/backend/src/utils/rs.js
@@ -0,0 +1,11 @@
+import rs from 'jsrsasign';
+
+export function generateFingerprint(caStr) {
+    const hex = rs.pemtohex(caStr);
+    const fingerPrint = rs.KJUR.crypto.Util.hashHex(hex, 'sha256');
+    return fingerPrint.match(/.{2}/g).join(':').toUpperCase();
+}
+
+export default {
+    generateFingerprint,
+};
--- a/backend/src/utils/user-agent.js
+++ b/backend/src/utils/user-agent.js
@@ -28,7 +28,9 @@ export function getPlatformFromUserAgent({ ua, UA }) {
        return 'Stash';
    } else if (
        ua === 'meta' ||
-        (ua.indexOf('clash') !== -1 && ua.indexOf('meta') !== -1)
+        (ua.indexOf('clash') !== -1 && ua.indexOf('meta') !== -1) ||
+        ua.indexOf('clash-verge') !== -1 ||
+        ua.indexOf('flclash') !== -1
    ) {
        return 'ClashMeta';
    } else if (ua.indexOf('clash') !== -1) {
--- a/backend/src/vendor/express.js
+++ b/backend/src/vendor/express.js
@@ -161,7 +161,7 @@ export default function express({ substore: $, port, host }) {

    function Response() {
        let statusCode = 200;
-        const { isQX, isLoon, isSurge } = ENV();
+        const { isQX, isLoon, isSurge, isGUIforCores } = ENV();
        const headers = DEFAULT_HEADERS;
        const STATUS_CODE_MAP = {
            200: 'HTTP/1.1 200 OK',
@@ -184,7 +184,7 @@ export default function express({ substore: $, port, host }) {
                    body,
                    headers,
                };
-                if (isQX) {
+                if (isQX || isGUIforCores) {
                    $done(response);
                } else if (isLoon || isSurge) {
                    $done({
--- a/backend/src/vendor/open-api.js
+++ b/backend/src/vendor/open-api.js
@@ -8,6 +8,7 @@ const isStash =
 const isShadowRocket = 'undefined' !== typeof $rocket;
 const isEgern = 'object' == typeof egern;
 const isLanceX = 'undefined' != typeof $native;
+const isGUIforCores = typeof $Plugins !== 'undefined';

 export class OpenAPI {
    constructor(name = 'untitled', debug = false) {
@@ -48,7 +49,10 @@ export class OpenAPI {
            this.cache = JSON.parse($prefs.valueForKey(this.name) || '{}');
        if (isLoon || isSurge)
            this.cache = JSON.parse($persistentStore.read(this.name) || '{}');
-
+        if (isGUIforCores)
+            this.cache = JSON.parse(
+                $Plugins.SubStoreCache.get(this.name) || '{}',
+            );
        if (isNode) {
            // create a json for root cache
            const basePath =
@@ -86,6 +90,7 @@ export class OpenAPI {
        const data = JSON.stringify(this.cache, null, 2);
        if (isQX) $prefs.setValueForKey(data, this.name);
        if (isLoon || isSurge) $persistentStore.write(data, this.name);
+        if (isGUIforCores) $Plugins.SubStoreCache.set(this.name, data);
        if (isNode) {
            const basePath =
                eval('process.env.SUB_STORE_DATA_BASE_PATH') || '.';
@@ -118,6 +123,9 @@ export class OpenAPI {
            if (isNode) {
                this.root[key] = data;
            }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.set(key, data);
+            }
        } else {
            this.cache[key] = data;
        }
@@ -137,6 +145,9 @@ export class OpenAPI {
            if (isNode) {
                return this.root[key];
            }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.get(key);
+            }
        } else {
            return this.cache[key];
        }
@@ -155,6 +166,9 @@ export class OpenAPI {
            if (isNode) {
                delete this.root[key];
            }
+            if (isGUIforCores) {
+                return $Plugins.SubStoreCache.remove(key);
+            }
        } else {
            delete this.cache[key];
        }
@@ -220,6 +234,9 @@ export class OpenAPI {
                    });
            }
        }
+        if (isGUIforCores) {
+            $Plugins.Notify(title, subtitle + '\n' + content);
+        }
    }

    // other helper functions
@@ -240,7 +257,7 @@ export class OpenAPI {
    }

    done(value = {}) {
-        if (isQX || isLoon || isSurge) {
+        if (isQX || isLoon || isSurge || isGUIforCores) {
            $done(value);
        } else if (isNode) {
            if (typeof $context !== 'undefined') {
@@ -262,11 +279,12 @@ export function ENV() {
        isShadowRocket,
        isEgern,
        isLanceX,
+        isGUIforCores,
    };
 }

 export function HTTP(defaultOptions = { baseURL: '' }) {
-    const { isQX, isLoon, isSurge, isNode } = ENV();
+    const { isQX, isLoon, isSurge, isNode, isGUIforCores } = ENV();
    const methods = [
        'GET',
        'POST',
@@ -323,7 +341,10 @@ export function HTTP(defaultOptions = { baseURL: '' }) {
                const request = isNode
                    ? eval("require('request')")
                    : $httpClient;
+                const body = options.body;
                const opts = JSON.parse(JSON.stringify(options));
+                opts.body = body;
+
                if (!isNode && opts.timeout) {
                    opts.timeout++;
                    let unit = 'ms';
@@ -356,6 +377,30 @@ export function HTTP(defaultOptions = { baseURL: '' }) {
                        });
                });
            });
+        } else if (isGUIforCores) {
+            worker = new Promise(async (resolve, reject) => {
+                try {
+                    const response = await $Plugins.Requests({
+                        method,
+                        url: options.url,
+                        headers: options.headers,
+                        body: options.body,
+                        options: {
+                            Proxy: options.proxy,
+                            Timeout: options.timeout
+                                ? options.timeout / 1000
+                                : 15,
+                        },
+                    });
+                    resolve({
+                        statusCode: response.status,
+                        headers: response.headers,
+                        body: response.body,
+                    });
+                } catch (error) {
+                    reject(error);
+                }
+            });
        }

        let timeoutid;
--- a/config/Egern.yaml
+++ b/config/Egern.yaml
@@ -0,0 +1,37 @@
+name: Sub-Store
+description: '支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *'
+compat_arguments:
+  ability: http-client-policy
+  cronexp: 55 23 * * *
+  sync: '"Sub-Store Sync"'
+  timeout: '120'
+  engine: auto
+  produce: '"# Sub-Store Produce"'
+  produce_cronexp: 50 */6 * * *
+  produce_sub: '"sub1,sub2"'
+  produce_col: '"col1,col2"'
+compat_arguments_desc: '\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 ''同步'' 或 ''同步配置''\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅'
+scriptings:
+- http_request:
+    name: Sub-Store Core
+    match: ^https?:\/\/sub\.store\/((download)|api\/(preview|sync|(utils\/node-info)))
+    script_url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-1.min.js
+    body_required: true
+- http_request:
+    name: Sub-Store Simple
+    match: ^https?:\/\/sub\.store
+    script_url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js
+    body_required: true
+- schedule:
+    name: '{{{sync}}}'
+    cron: '{{{cronexp}}}'
+    script_url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
+- schedule:
+    name: '{{{produce}}}'
+    cron: '{{{produce_cronexp}}}'
+    script_url: https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js
+    arguments:
+      _compat.$argument: '"sub={{{produce_sub}}}&col={{{produce_col}}}"'
+mitm:
+  hostnames:
+  - sub.store
--- a/config/Loon.plugin
+++ b/config/Loon.plugin
@@ -1,5 +1,5 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具. 定时任务默认为每天 23 点 55 分
+#!desc=高级订阅管理工具. 定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
 #!openUrl=https://sub.store
 #!author=Peng-YM
 #!homepage=https://github.com/sub-store-org/Sub-Store
--- a/config/QX-Task.json
+++ b/config/QX-Task.json
@@ -1,6 +1,6 @@
 {
  "name": "Sub-Store",
-  "description": "定时任务默认为每天 23 点 55 分",
+  "description": "定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'",
  "task": [
    "55 23 * * * https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js, tag=Sub-Store Sync, img-url=https://raw.githubusercontent.com/58xinian/icon/master/Sub-Store1.png"
  ]
--- a/config/README.md
+++ b/config/README.md
@@ -6,17 +6,29 @@ Sub-Store Releases: [`https://github.com/sub-store-org/Sub-Store/releases`](http

 Telegram 频道: [`https://t.me/cool_scripts` ](https://t.me/cool_scripts)

-## 脚本配置：
+## 服务器/云平台/Docker/Android 版
+
+https://xream.notion.site/Sub-Store-abe6a96944724dc6a36833d5c9ab7c87
+
+## App 版

 ### 1. Loon
 安装使用 插件 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Loon.plugin`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Loon.plugin) 即可。

 ### 2. Surge

+#### 关于 Surge 的格外说明
+
+Surge Mac 版如何支持 SSR, 如何去除 HTTP 传输层以支持 类似 VMess HTTP 节点等 请查看 [链接参数说明](https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E)
+
+定时处理订阅 功能, 避免 App 内拉取超时, 请查看 [定时处理订阅](https://t.me/zhetengsha/1449)
+
 0. 最新 Surge iOS TestFlight 版本 可使用 Beta 版(支持最新 Surge iOS TestFlight 版本的特性): [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Beta.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Beta.sgmodule)

 1. 官方默认版模块(支持 App 内使用编辑参数): [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule)

+> 最新版 Surge 已删除 `ability: http-client-policy` 参数, 模块暂不做修改, 对测落地功能无影响
+
 2. 经典版, 不支持编辑参数, 固定带 ability 参数版本, 使用 jsc 引擎时, 可能会爆内存, 如果需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 请使用此带 ability 参数版本: [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-ability.sgmodule)

 3. 经典版, 不支持编辑参数, 固定不带 ability 参数版本： [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule)
@@ -31,9 +43,20 @@ Telegram 频道: [`https://t.me/cool_scripts` ](https://t.me/cool_scripts)
 安装使用 覆写 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Stash.stoverride`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Stash.stoverride) 即可。

 ### 5. Shadowrocket
-安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge.sgmodule) 即可。
+安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Surge-Noability.sgmodule) 即可。
+
+### 6. Egern
+安装使用 模块 [`https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Egern.yaml`](https://raw.githubusercontent.com/sub-store-org/Sub-Store/master/config/Egern.yaml) 即可。

 ## 使用 Sub-Store
 1. 使用 Safari 打开这个 https://sub.store 如网页正常打开并且未弹出任何错误提示，说明 Sub-Store 已经配置成功。
 2. 可以把 Sub-Store 添加到主屏幕，即可获得类似于 APP 的使用体验。
 3. 更详细的使用指南请参考[文档](https://www.notion.so/Sub-Store-6259586994d34c11a4ced5c406264b46)。
+
+## 链接参数说明
+
+https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E
+
+## 脚本使用说明
+
+https://github.com/sub-store-org/Sub-Store/wiki/%E8%84%9A%E6%9C%AC%E4%BD%BF%E7%94%A8%E8%AF%B4%E6%98%8E
--- a/config/Stash.stoverride
+++ b/config/Stash.stoverride
@@ -1,5 +1,5 @@
 name: Sub-Store
-desc: 高级订阅管理工具 @Peng-YM. 定时任务默认为每天  23 点 55 分
+desc: 高级订阅管理工具 @Peng-YM. 定时任务默认为每天  23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
 icon: https://raw.githubusercontent.com/cc63/ICON/main/Sub-Store.png

 http:
--- a/config/Surge-Beta.sgmodule
+++ b/config/Surge-Beta.sgmodule
@@ -1,8 +1,8 @@
 #!name=Sub-Store(β)
 #!desc=支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *
 #!category=订阅管理
-#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto
-#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存
+#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto,produce:"# Sub-Store Produce",produce_cronexp:50 */6 * * *,produce_sub:"sub1,sub2",produce_col:"col1,col2"
+#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅

 [MITM]
 hostname = %APPEND% sub.store
@@ -12,4 +12,6 @@ Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api

 Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js,requires-body=true,timeout={{{timeout}}},engine={{{engine}}}

-{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}}
+{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}}
+
+{{{produce}}}=type=cron,cronexp="{{{produce_cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}},argument="sub={{{produce_sub}}}&col={{{produce_col}}}"
--- a/config/Surge-Noability.sgmodule
+++ b/config/Surge-Noability.sgmodule
@@ -1,5 +1,5 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具 @Peng-YM  无 ability 参数版本,不会爆内存, 如果需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用带 ability 参数. 定时任务默认为每天  23 点 55 分
+#!desc=高级订阅管理工具 @Peng-YM  无 ability 参数版本,不会爆内存, 如果需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用带 ability 参数. 定时任务默认为每天  23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
 #!category=订阅管理

 [MITM]
--- a/config/Surge-ability.sgmodule
+++ b/config/Surge-ability.sgmodule
@@ -1,5 +1,5 @@
 #!name=Sub-Store
-#!desc=高级订阅管理工具 @Peng-YM  带 ability 参数版本, 使用 jsc 引擎时, 可能会爆内存, 如果不需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用不带 ability 参数版本. 定时任务默认为每天 23 点 55 分
+#!desc=高级订阅管理工具 @Peng-YM  带 ability 参数版本, 使用 jsc 引擎时, 可能会爆内存, 如果不需要使用指定节点功能 例如[加旗帜脚本或者cname脚本] 可以用不带 ability 参数版本. 定时任务默认为每天 23 点 55 分. 定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'
 #!category=订阅管理

 [MITM]
--- a/config/Surge.sgmodule
+++ b/config/Surge.sgmodule
@@ -1,8 +1,8 @@
 #!name=Sub-Store
 #!desc=支持 Surge 正式版的参数设置功能. 测落地功能 ability: http-client-policy, 同步配置的定时 cronexp: 55 23 * * *
 #!category=订阅管理
-#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto
-#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存
+#!arguments=ability:http-client-policy,cronexp:55 23 * * *,sync:"Sub-Store Sync",timeout:120,engine:auto,produce:"# Sub-Store Produce",produce_cronexp:50 */6 * * *,produce_sub:"sub1,sub2",produce_col:"col1,col2"
+#!arguments-desc=\n1️⃣ ability\n\n默认已开启测落地能力\n需要配合脚本操作\n如 https://raw.githubusercontent.com/Keywos/rule/main/cname.js\n填写任意其他值关闭\n\n2️⃣ cronexp\n\n同步配置定时任务\n默认为每天 23 点 55 分\n\n定时任务指定时将订阅/文件上传到私有 Gist. 在前端, 叫做 '同步' 或 '同步配置'\n\n3️⃣ sync\n\n自定义定时任务名\n便于在脚本编辑器中选择\n若设为 # 可取消定时任务\n\n4️⃣ timeout\n\n脚本超时, 单位为秒\n\n5️⃣ engine\n\n默认为自动使用 webview 引擎, 可设为指定 jsc, 但 jsc 容易爆内存\n\n6️⃣ produce\n\n自定义处理订阅的定时任务名\n一般用于定时处理耗时较长的订阅, 以更新缓存\n这样 Surge 中拉取的时候就能用到缓存, 不至于总是超时\n若设为 # 可取消此定时任务\n默认不开启\n\n7️⃣ produce_cronexp\n\n配置处理订阅的定时任务\n\n默认为每 6 小时\n\n9️⃣ produce_sub\n\n自定义需定时处理的单条订阅名\n多个用 , 连接\n\n🔟 produce_col\n\n自定义需定时处理的组合订阅名\n多个用 , 连接\n\n⚠️ 注意: 是 名称(name) 不是 显示名称(displayName)\n如果名称需要编码, 请编码后再用 , 连接\n顺序: 并发执行单条订阅, 然后并发执行组合订阅

 [MITM]
 hostname = %APPEND% sub.store
@@ -12,4 +12,6 @@ Sub-Store Core=type=http-request,pattern=^https?:\/\/sub\.store\/((download)|api

 Sub-Store Simple=type=http-request,pattern=^https?:\/\/sub\.store,script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store-0.min.js,requires-body=true,timeout={{{timeout}}},engine={{{engine}}}

-{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}}
+{{{sync}}}=type=cron,cronexp="{{{cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}}
+
+{{{produce}}}=type=cron,cronexp="{{{produce_cronexp}}}",wake-system=1,timeout={{{timeout}}},script-path=https://github.com/sub-store-org/Sub-Store/releases/latest/download/cron-sync-artifacts.min.js,engine={{{engine}}},argument="sub={{{produce_sub}}}&col={{{produce_col}}}"
--- a/scripts/demo.js
+++ b/scripts/demo.js
@@ -1,16 +1,25 @@
 function operator(proxies = [], targetPlatform, context) {
  // 支持快捷操作 不一定要写一个 function
  // 可参考 https://t.me/zhetengsha/970
-  // https://t.me/zhetengsha/1009 
-
+  // https://t.me/zhetengsha/1009

  // proxies 为传入的内部节点数组
-  // 结构大致参考了 Clash.Meta(mihomo) 有私货
  // 可在预览界面点击节点查看 JSON 结构 或查看 `target=JSON` 的通用订阅
-  // 1. `no-resolve` 为不解析域名
-  // 2. 域名解析后 会多一个 `resolved` 字段
-  // 3. 域名解析后会有`_IPv4`, `_IPv6`, `_IP`(若有多个步骤, 只取第一次成功的 v4 或 v6 数据), `_domain` 字段
+  // 0. 结构大致参考了 Clash.Meta(mihomo), 可参考 mihomo 的文档, 例如 `xudp`, `smux` 都可以自己设置. 但是有私货, 下面是我能想起来的一些私货
+  // 1. `_no-resolve` 为不解析域名
+  // 2. 域名解析后 会多一个 `_resolved` 字段, 表示是否解析成功
+  // 3. 域名解析后会有`_IPv4`, `_IPv6`, `_IP`(若有多个步骤, 只取第一次成功的 v4 或 v6 数据), `_IP4P`(若解析类型为 IPv6 且符合 IP4P 类型, 将自动转换), `_domain` 字段, `_resolved_ips` 为解析出的所有 IP
  // 4. 节点字段 `exec` 为 `ssr-local` 路径, 默认 `/usr/local/bin/ssr-local`; 端口从 10000 开始递增(暂不支持配置)
+  // 5. `_subName` 为单条订阅名
+  // 6. `_collectionName` 为组合订阅名
+  // 7. `tls-fingerprint` 为 tls 指纹
+  // 8. `underlying-proxy` 为前置代理
+  // 9. `trojan`, `tuic`, `hysteria`, `hysteria2`, `juicity` 会在解析时设置 `tls`: true (会使用 tls 类协议的通用逻辑),  输出时删除
+  // 10. `sni` 在某些协议里会自动与 `servername` 转换
+  // 11. 读取节点的 ca-str 和 _ca (后端文件路径) 字段, 自动计算 fingerprint (参考 https://t.me/zhetengsha/1512)
+  // 12. 以 Surge 为例, 最新的参数一般我都会跟进, 以 Surge 文档为例, 一些常用的: TUIC/Hysteria 2 的 `ecn`, Snell 的 `reuse` 连接复用, QUIC 策略 block-quic`, Hysteria 2 下载带宽 `down`
+  //
+  // 如果只是为了快速修改或者筛选 可以参考 脚本操作支持节点快捷脚本 https://t.me/zhetengsha/970 和 脚本筛选支持节点快捷脚本 https://t.me/zhetengsha/1009

  // $arguments 为传入的脚本参数

@@ -20,7 +29,7 @@ function operator(proxies = [], targetPlatform, context) {

  // $substore 为 OpenAPI
  // 参考 https://github.com/Peng-YM/QuanX/blob/master/Tools/OpenAPI/README.md
-  
+
  // scriptResourceCache 缓存
  // 可参考 https://t.me/zhetengsha/1003
  // const cache = scriptResourceCache
@@ -33,16 +42,22 @@ function operator(proxies = [], targetPlatform, context) {
  //     parse, // 订阅解析
  //     process, // 节点操作/文件操作
  //     produce, // 输出订阅
+  //     getRandomPort, // 获取随机端口(参考 ports 端口跳跃的格式 443,8443,5000-6000)
+  //     ipAddress, // https://github.com/beaugunderson/ip-address
  //     isIPv4,
  //     isIPv6,
  //     isIP,
  //     yaml, // yaml 解析和生成
  //     getFlag, // 获取 emoji 旗帜
+  //     removeFlag, // 移除 emoji 旗帜
  //     getISO, // 获取 ISO 3166-1 alpha-2 代码
+  //     Gist, // Gist 类
  // }

  // 示例: 给节点名添加前缀
  // $server.name = `[${ProxyUtils.getISO($server.name)}] ${$server.name}`
+  // 示例: 给节点名添加旗帜
+  // $server.name = `[${ProxyUtils.getFlag($server.name).replace(/🇹🇼/g, '🇼🇸')}] ${ProxyUtils.removeFlag($server.name)}`

  // 示例: 从 sni 文件中读取内容并进行节点操作
  // const sni = await produceArtifact({
@@ -62,7 +77,7 @@ function operator(proxies = [], targetPlatform, context) {
  //   }
  // })
  // $content = proxies
-  
+
  // 2. sing-box

  // 但是一般不需要这样用, 可参考
@@ -94,6 +109,11 @@ function operator(proxies = [], targetPlatform, context) {
  //     produceType: 'internal' // 'internal' produces an Array, otherwise produces a String( ProxyUtils.yaml.safeLoad('YAML String').proxies )
  // })

+  // 4. 一个比较折腾的方案: 在脚本操作中, 把内容同步到另一个 gist
+  // 见 https://t.me/zhetengsha/1428
+  //
+  // const content = ProxyUtils.produce([...proxies], platform)
+
  // // YAML
  // ProxyUtils.yaml.load('YAML String')
  // ProxyUtils.yaml.safeLoad('YAML String')
@@ -111,12 +131,11 @@ function operator(proxies = [], targetPlatform, context) {
  // yaml.proxies.unshift(...clashMetaProxies)
  // $content = ProxyUtils.yaml.dump(yaml)

-
-  // { $content, $files } will be passed to the next operator 
+  // { $content, $files } will be passed to the next operator
  // $content is the final content of the file

  // flowUtils 为机场订阅流量信息处理工具
-  // 可参考: 
+  // 可参考:
  // 1. https://t.me/zhetengsha/948

  // context 为传入的上下文
@@ -205,7 +224,7 @@ function operator(proxies = [], targetPlatform, context) {
  // 参数说明
  // 可参考 https://github.com/sub-store-org/Sub-Store/wiki/%E9%93%BE%E6%8E%A5%E5%8F%82%E6%95%B0%E8%AF%B4%E6%98%8E

-  console.log(JSON.stringify(context, null, 2))
+  console.log(JSON.stringify(context, null, 2));

-  return proxies
+  return proxies;
 }
--- a/scripts/ip-flag-node.js
+++ b/scripts/ip-flag-node.js
@@ -0,0 +1,79 @@
+const $ = $substore;
+
+const {onlyFlagIP = true} = $arguments
+
+async function operator(proxies) {
+    const BATCH_SIZE = 10;
+
+    let i = 0;
+    while (i < proxies.length) {
+        const batch = proxies.slice(i, i + BATCH_SIZE);
+        await Promise.all(batch.map(async proxy => {
+            if (onlyFlagIP && !ProxyUtils.isIP(proxy.server)) return;
+            try {
+                // remove the original flag
+                let proxyName = removeFlag(proxy.name);
+
+                // query ip-api
+                const countryCode = await queryIpApi(proxy);
+
+                proxyName = getFlagEmoji(countryCode) + ' ' + proxyName;
+                proxy.name = proxyName;
+            } catch (err) {
+                // TODO:
+            }
+        }));
+
+        await sleep(1000);
+        i += BATCH_SIZE;
+    }
+    return proxies;
+}
+
+
+async function queryIpApi(proxy) {
+    const ua = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:78.0) Gecko/20100101 Firefox/78.0";
+    const headers = {
+        "User-Agent": ua
+    };
+    const result = new Promise((resolve, reject) => {
+        const url =
+            `http://ip-api.com/json/${encodeURIComponent(proxy.server)}?lang=zh-CN`;
+        $.http.get({
+            url,
+            headers,
+        }).then(resp => {
+            const data = JSON.parse(resp.body);
+            if (data.status === "success") {
+                resolve(data.countryCode);
+            } else {
+                reject(new Error(data.message));
+            }
+        }).catch(err => {
+            console.log(err);
+            reject(err);
+        });
+    });
+    return result;
+}
+
+function getFlagEmoji(countryCode) {
+    const codePoints = countryCode
+        .toUpperCase()
+        .split('')
+        .map(char => 127397 + char.charCodeAt());
+    return String
+        .fromCodePoint(...codePoints)
+        .replace(/🇹🇼/g, '🇨🇳');
+}
+
+function removeFlag(str) {
+    return str
+        .replace(/[\uD83C][\uDDE6-\uDDFF][\uD83C][\uDDE6-\uDDFF]/g, '')
+        .trim();
+}
+
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
Author	SHA1	Message	Date
xream	eef4fa0751	feat: 脚本操作传入上下文 `require` (仅对应的环境支持)	2024-08-31 18:48:47 +08:00
xream	84dc0d63f2	Merge pull request #350 from egerndaddy/patch-1 添加 Egern 的模块支持	2024-08-29 13:34:08 +08:00
egerndaddy	9ce14351c5	doc: 添加 Egern 模块链接	2024-08-29 13:26:27 +08:00
egerndaddy	76e781c711	Create Egern.yaml	2024-08-29 13:09:59 +08:00
xream	f0acf4a2a7	fix: DoH 结果过滤	2024-08-29 12:30:49 +08:00
xream	9abeb4ce7b	fix: 修复 SurgeMac ShadowsocksR obfs-param	2024-08-28 14:51:06 +08:00
xream	153802c7c4	feat: Loon SOCKS5 UDP	2024-08-26 00:33:22 +08:00
xream	19418b631f	feat(uri): VMess URI 输入支持 allowInsecure(输出不支持, 与 2dust/v2rayN 分享链接逻辑一致)	2024-08-18 15:53:13 +08:00
xream	97caeed208	feat(geo): 增加利雅得 Riyadh	2024-08-17 14:06:28 +08:00
xream	dd8d1d85e8	feat: 支持 Loon tls-pubkey-sha256, tls-cert-sha256	2024-07-30 22:17:25 +08:00
xream	14ed56b5d5	chore: 传输层应该有配置, 暂时不考虑兼容不给配置的节点	2024-07-24 11:27:33 +08:00
xream	9785271c5b	chore: 增加部分 clash.meta(mihomo) 内核客户端的 User-Agent(clash-verge, flclash)	2024-07-20 14:48:39 +08:00
xream	05bdf95a29	feat: 处理端口跳跃(感谢亚托莉佬)	2024-07-19 15:23:44 +08:00
xream	317a804b36	fix: 修复 URI 报错	2024-07-19 14:33:34 +08:00
xream	10ec8a25a2	feat: 处理不规范的 hysteria2 节点	2024-07-19 09:45:28 +08:00
xream	aa0943a909	fix: 被识别为 IP4P 的域名解析结果均增加 _IP4P 字段; 修复报错	2024-07-18 19:48:01 +08:00
xream	a0c1bbbf70	fix: 域名解析修复; 结果增加 _IP4P 字段	2024-07-18 19:42:57 +08:00
xream	fea9de4fae	feat: IP4P 合并进 IPv6; ProxyUtils 中增加 ipAddress	2024-07-18 18:35:22 +08:00
xream	cddd1818fe	chore: bump release version	2024-07-08 02:51:21 +08:00
xream	f94830b2df	Merge pull request #339 from zhiqiang02/add-tai-wan-keyword Add 'Tai Wan' as a keyword for Taiwan flag	2024-07-08 02:50:13 +08:00
zhiqiang02	e02a26040e	Add 'Tai Wan' as a keyword for Taiwan flag 碰到了某机场奇奇怪怪的节点名	2024-07-08 02:38:50 +08:00
xream	6906efdd55	chore: bump release version	2024-07-02 21:04:14 +08:00
xream	9558b63261	Merge pull request #336 from cooip-jm/patch-1 处理grpc-opts为 {} 的情况	2024-07-02 21:03:30 +08:00
cooip-jm	4bfdef17ee	处理grpc-opts为 {} 的情况该字段仅影响sing-box内核，对mihomo无影响	2024-07-02 21:01:11 +08:00
xream	9d29fc8a09	feat: 处理 reality-opts 为 {} 的情况	2024-07-02 20:39:04 +08:00
xream	f524920c13	feat: 文件支持设置查询流量信息订阅链接. 服务器版中使用此链接可在响应中传递订阅流量信息	2024-06-28 18:34:26 +08:00
xream	bfe072cbdf	feat: 域名解析支持自定义 EDNS(需新版前端)	2024-06-22 11:45:37 +08:00
xream	32dcca4a26	feat: 域名解析支持自定义 DoH(需新版前端)	2024-06-20 21:42:15 +08:00
xream	a5d77c39c8	feat: 域名解析增加超时参数(默认使用全局超时)	2024-06-20 13:41:05 +08:00
xream	6ea1b69a62	doc: demo.js 增加更多字段的说明	2024-06-20 11:44:07 +08:00
xream	2b3b9177e5	feat: 域名解析新增 `_resolved_ips` 为解析出的所有 IP	2024-06-20 11:28:17 +08:00
xream	91aab3ca7a	fix: 修复 Tencent DNS 缓存	2024-06-20 10:59:06 +08:00
xream	c1a9fc6abc	fix: 修复 Loon Hysteria2 salamander 混淆	2024-06-17 11:08:43 +08:00
xream	11d9ce7372	feat: 支持 Loon Hysteria2 salamander 混淆	2024-06-16 21:49:13 +08:00
xream	ad3d2270ac	feat: 读取节点的 ca-str 和 _ca (后端文件路径) 字段, 自动计算 fingerprint	2024-06-13 20:44:12 +08:00
xream	3ad42f2c10	feat: Stash 支持 juicity, ssh	2024-06-12 15:16:56 +08:00
xream	ec06eb8659	fix: sing-box tls cert 应该为数组	2024-06-10 19:10:57 +08:00
xream	4a23a4d8b6	fix: tlsParser typo	2024-06-10 19:07:19 +08:00
xream	913638a233	feat: /api/sub/flow/:name 接口支持指定远程订阅 url(可携带订阅 url 支持的参数, 例如 flowUserAgent)	2024-06-10 13:24:06 +08:00
xream	bf642ce0e6	fix: 兼容空的订阅链接	2024-06-09 01:42:40 +08:00
xream	1ecac9da92	chore: demo.js	2024-06-06 21:50:13 +08:00
xream	c5a417da8f	feat: VMess URI 支持 TCP/H2 传输层	2024-06-03 21:14:07 +08:00
xream	8cd0545023	feat: ws, http, h2 传输层补全 path	2024-06-03 00:34:03 +08:00
xream	b6f848a6e6	feat: ProxyUtils.removeFlag	2024-06-02 18:30:53 +08:00
xream	99d058bcf1	feat: 支持 flowUrl	2024-06-02 16:03:01 +08:00
xream	533103e765	feat: 进一步优化乐观缓存和同步配置的逻辑	2024-06-01 20:09:57 +08:00
xream	cf82764171	feat: 进一步优化乐观缓存和同步配置的逻辑	2024-06-01 19:50:16 +08:00
xream	7b783c1fe3	fix: 简单修复乐观缓存(当异步更新乐观缓存时, 若存在常规缓存, 将使用常规缓存)	2024-05-31 20:52:01 +08:00
xream	372eff9a44	chore: 文案	2024-05-31 11:42:23 +08:00
xream	d3b5a529d7	doc: README	2024-05-30 21:32:48 +08:00
xream	8049134bb5	feat: Surge includeUnsupportedProxy 去除 HTTP 传输层(不一定能通, 由服务端配置确定)	2024-05-30 18:41:56 +08:00
xream	3f620700a4	feat: GUIforCores 请求增加参数 proxy, timeout	2024-05-30 17:19:38 +08:00
xream	9e64a68481	fix: VMess URI 输入传输层为 HTTP 时, path 默认为 /	2024-05-30 14:28:02 +08:00
xream	9ce5916414	fix: 乐观缓存未捕获错误	2024-05-30 13:10:08 +08:00
xream	047c21fe70	feat: 节点上的额外参数调整为下划线开头, 原参数目前仍保留, 若有脚本需要使用这些参数请尽快修改(_subName, _collectionName, _resolved, _no-resolve)	2024-05-30 04:48:13 +08:00
xream	47849dc6d0	feat: 节点上的额外参数调整为下划线开头, 原参数目前仍保留, 若有脚本需要使用这些参数请尽快修改(_subName, _collectionName, _resolved)	2024-05-30 04:28:54 +08:00
xream	af06086c1b	chore: 去除 Surge/Surfboard 输出节点名中的逗号和等号	2024-05-29 19:15:52 +08:00
xream	4a6a147667	feat: 新增定时处理订阅功能, 避免 App 内拉取超时	2024-05-28 12:05:35 +08:00
xream	c6540d14cd	feat: Surge Beta 模块支持定时处理订阅. 一般用于定时处理耗时较长的订阅, 以更新缓存. 这样 Surge 中拉取时就能用到缓存, 不至于总是超时	2024-05-28 02:31:25 +08:00
xream	3db71ec531	fix: Base64 输入支持 hy2://	2024-05-26 10:28:46 +08:00
xream	cf156c2f17	fix: Stash 服务器证书 SHA256 指纹字段为 server-cert-fingerprint	2024-05-25 18:54:51 +08:00
xream	e28e2a78fb	feat: 下载订阅日志中增加请求的 User-Agent	2024-05-25 18:29:48 +08:00
xream	b0a2c709e8	fix: Stash 服务器证书 SHA256 指纹字段为 server-cert-fingerprint	2024-05-21 11:05:45 +08:00
xream	5dc2c8ced7	chore: demo.js	2024-05-20 17:42:09 +08:00
xream	d2a65ee0fe	chore: demo.js	2024-05-20 17:38:49 +08:00
xream	4dd4ae98ca	chore: 最新版 Surge 已删除 `ability: http-client-policy` 参数, 模块暂不做修改, 对测落地功能无影响	2024-05-18 23:57:18 +08:00
xream	0d41eb467f	feat: 某些域名仅支持从国内 DNS 解析正确结果, 为方便部署在海外的用户, 使用国内 DNS 解析时, ECS IP 指定为国内 IP	2024-05-18 22:24:58 +08:00
xream	ba1c91a7a5	chore: 文案	2024-05-17 17:49:10 +08:00
xream	30fa87c172	doc: Shadowrocket 模块	2024-05-15 20:58:55 +08:00
xream	1eaa33948b	chore: bump release version	2024-05-14 20:45:39 +08:00
xream	619e256ed8	Merge pull request #322 from onejibang/master chore: Change network request method	2024-05-14 20:45:00 +08:00
onejibang	b46209e164	chore: Change network request method	2024-05-14 16:51:05 +08:00
xream	a1ba4e273e	chore: bump release version	2024-05-13 19:44:27 +08:00
xream	bfc95ed92a	Merge pull request #320 from onejibang/feature-gui-for-cores feat: 适配GUI.for.Cores项目组下的客户端程序	2024-05-13 19:41:45 +08:00
xream	32f591ec56	Merge branch 'master' into feature-gui-for-cores	2024-05-13 19:41:28 +08:00
onejibang	cea16d8c44	chore: Canonical variable name	2024-05-13 19:22:33 +08:00
onejibang	93a1ba7b50	feat: support HEAD method	2024-05-13 19:12:22 +08:00
xream	e6d1aa1150	feat: 使用了自定义缓存 cacheKey 的远程订阅调整为乐观缓存	2024-05-13 17:08:17 +08:00
onejibang	26e83798da	feat: Provide virtual disk operation API	2024-05-13 16:35:05 +08:00
xream	b083d2d840	feat: Node.js 版支持 MMDB, 通过环境变量或在脚本中传入数据库文件路径, 可使用 ipaso 和 geoip 方法	2024-05-12 23:17:11 +08:00
onejibang	cf35afcab2	Adapted for GUI.for.Cores	2024-05-11 17:32:01 +08:00
xream	d073dfeef8	feat: 支持 Trojan, VMess, VLESS httpupgrade(暂不支持 Shadowsocks v2ray-plugin)	2024-05-10 10:15:11 +08:00
Peng-YM	f970ea3361	Update README.md	2024-05-09 09:38:36 +08:00
xream	630bac0575	fix: 简单修复 SS URI 多参数拼接	2024-05-05 02:14:55 +08:00
xream	7f3cb2b191	feat: 当无插件参数时, 去除 SS URI 输出中的 / 以兼容部分客户端	2024-05-05 02:11:50 +08:00
xream	92e1e4a0fb	feat: ProxyUtils 中增加 Gist 类; 补充 demo.js 中的示例	2024-05-04 21:35:27 +08:00
xream	3b85d313fe	fix: 兼容不规范的 QX URI	2024-05-03 03:56:59 +08:00
xream	c91d8e28e4	fix: 哪吒探针在线时长	2024-04-30 15:39:14 +08:00
xream	8cbb4492be	feat: 全部是 WireGuard 节点的订阅, 支持输出为 Surge 模块	2024-04-25 16:55:32 +08:00
xream	6f7da57e3a	fix: 旗帜操作中将 🏴‍☠️ 🏳️‍🌈 也视为已有旗帜并在删除后添加新旗帜	2024-04-25 13:38:01 +08:00
xream	2586c29746	fix: 处理手动删除 Gist 之后, Sub-Store 侧重新同步的逻辑	2024-04-23 09:28:39 +08:00
xream	6f7fe8204b	feat: 支持完整导出和导入 Sub-Store 单条订阅数据	2024-04-22 15:15:57 +08:00
xream	bafaf07743	Merge pull request #314 from eric-gitta-moore/master feat: script ip-flag for node	2024-04-22 13:09:33 +08:00
Eric Moore	9962eb0947	feat: script ip-flag for node	2024-04-22 12:59:06 +08:00
xream	ac5232a7bc	ci: restore the functionality of generating conventional changelog	2024-04-22 04:25:19 +08:00