fix: 修复 edns sourcePrefixLength

README.md

@@ -28,14 +28,18 @@ Core functionalities:
 
 > ⚠️ Do not use `Shadowrocket` to export URI and then import it as input. It is not a standard URI.
 
+- [x] Normal Proxy(`socks5`, `socks5+tls`, `http`, `https`(it's ok))
+
+  example: `socks5+tls://user:pass@ip:port#name`
+
 - [x] URI(SS, SSR, VMess, VLESS, Trojan, Hysteria, Hysteria 2, TUIC v5, WireGuard)
 - [x] Clash Proxies YAML
 - [x] Clash Proxy JSON(single line)
 - [x] QX (SS, SSR, VMess, Trojan, HTTP, SOCKS5, VLESS)
 - [x] Loon (SS, SSR, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard, VLESS, Hysteria 2)
-- [x] Surge (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, TUIC, Snell, Hysteria 2, SSH(Password authentication only), External Proxy Program(only for macOS), WireGuard(Surge to Surge))
+- [x] Surge (Direct, SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, TUIC, Snell, Hysteria 2, SSH(Password authentication only), External Proxy Program(only for macOS), WireGuard(Surge to Surge))
 - [x] Surfboard (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard(Surfboard to Surfboard))
-- [x] Clash.Meta (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC)
+- [x] Clash.Meta (Direct, SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC)
 - [x] Stash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, TUIC, Juicity, SSH)
 - [x] Clash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard)
 

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sub-store",
-  "version": "2.14.429",
+  "version": "2.14.445",
   "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.",
   "main": "src/main.js",
   "scripts": {

backend/src/core/proxy-utils/index.js

@@ -86,6 +86,16 @@ async function processFn(
     $options,
 ) {
     for (const item of operators) {
+        if (item.disabled) {
+            $.log(
+                `Skipping disabled operator: "${
+                    item.type
+                }" with arguments:\n >>> ${
+                    JSON.stringify(item.args, null, 2) || 'None'
+                }`,
+            );
+            continue;
+        }
         // process script
         let script;
         let $arguments = {};

backend/src/core/proxy-utils/parsers/index.js

@@ -27,6 +27,42 @@ function surge_port_hopping(raw) {
     };
 }
 
+function URI_PROXY() {
+    // socks5+tls
+    // socks5
+    // http, https(可以这么写)
+    const name = 'URI PROXY Parser';
+    const test = (line) => {
+        return /^(socks5\+tls|socks5|http|https):\/\//.test(line);
+    };
+    const parse = (line) => {
+        // parse url
+        // eslint-disable-next-line no-unused-vars
+        let [__, type, tls, username, password, server, port, query, name] =
+            line.match(
+                /^(socks5|http|http)(\+tls|s)?:\/\/(?:(.*?):(.*?)@)?(.*?):(\d+?)(\?.*?)?(?:#(.*?))?$/,
+            );
+
+        const proxy = {
+            name:
+                name != null
+                    ? decodeURIComponent(name)
+                    : `${type} ${server}:${port}`,
+            type,
+            tls: tls ? true : false,
+            server,
+            port,
+            username:
+                username != null ? decodeURIComponent(username) : undefined,
+            password:
+                password != null ? decodeURIComponent(password) : undefined,
+        };
+
+        return proxy;
+    };
+    return { name, test, parse };
+}
+
 // Parse SS URI format (only supports new SIP002, legacy format is depreciated).
 // reference: https://github.com/shadowsocks/shadowsocks-org/wiki/SIP002-URI-Scheme
 function URI_SS() {
@@ -46,7 +82,15 @@ function URI_SS() {
         content = content.split('#')[0]; // strip proxy name
         // handle IPV4 and IPV6
         let serverAndPortArray = content.match(/@([^/]*)(\/|$)/);
-        let userInfoStr = Base64.decode(content.split('@')[0]);
+
+        let rawUserInfoStr = decodeURIComponent(content.split('@')[0]); // 其实应该分隔之后, 用户名和密码再 decodeURIComponent. 但是问题不大
+        let userInfoStr;
+        if (rawUserInfoStr?.startsWith('2022-blake3-')) {
+            userInfoStr = rawUserInfoStr;
+        } else {
+            userInfoStr = Base64.decode(rawUserInfoStr);
+        }
+
         let query = '';
         if (!serverAndPortArray) {
             if (content.includes('?')) {
@@ -71,16 +115,21 @@ function URI_SS() {
             userInfoStr = content.split('@')[0];
             serverAndPortArray = content.match(/@([^/]*)(\/|$)/);
         }
+
         const serverAndPort = serverAndPortArray[1];
         const portIdx = serverAndPort.lastIndexOf(':');
         proxy.server = serverAndPort.substring(0, portIdx);
         proxy.port = `${serverAndPort.substring(portIdx + 1)}`.match(
             /\d+/,
         )?.[0];
-
-        const userInfo = userInfoStr.match(/(^.*?):(.*$)/);
-        proxy.cipher = userInfo[1];
-        proxy.password = userInfo[2];
+        let userInfo = userInfoStr.match(/(^.*?):(.*$)/);
+        proxy.cipher = userInfo?.[1];
+        proxy.password = userInfo?.[2];
+        // if (!proxy.cipher || !proxy.password) {
+        //     userInfo = rawUserInfoStr.match(/(^.*?):(.*$)/);
+        //     proxy.cipher = userInfo?.[1];
+        //     proxy.password = userInfo?.[2];
+        // }
 
         // handle obfs
         const idx = content.indexOf('?plugin=');
@@ -380,6 +429,7 @@ function URI_VMess() {
                         proxy[`${proxy.network}-opts`] = {
                             'grpc-service-name': getIfNotBlank(transportPath),
                             '_grpc-type': getIfNotBlank(params.type),
+                            '_grpc-authority': getIfNotBlank(params.authority),
                         };
                     } else {
                         const opts = {
@@ -515,6 +565,9 @@ function URI_VLESS() {
             }
             if (params.serviceName) {
                 opts[`${proxy.network}-service-name`] = params.serviceName;
+                if (['grpc'].includes(proxy.network) && params.authority) {
+                    opts['_grpc-authority'] = params.authority;
+                }
             } else if (isShadowrocket && params.path) {
                 if (!['ws', 'http', 'h2'].includes(proxy.network)) {
                     opts[`${proxy.network}-service-name`] = params.path;
@@ -889,6 +942,7 @@ function Clash_All() {
                 'hysteria2',
                 'wireguard',
                 'ssh',
+                'direct',
             ].includes(proxy.type)
         ) {
             throw new Error(
@@ -1187,6 +1241,14 @@ function Loon_WireGuard() {
     return { name, test, parse };
 }
 
+function Surge_Direct() {
+    const name = 'Surge Direct Parser';
+    const test = (line) => {
+        return /^.*=\s*direct/.test(line.split(',')[0]);
+    };
+    const parse = (line) => getSurgeParser().parse(line);
+    return { name, test, parse };
+}
 function Surge_SSH() {
     const name = 'Surge SSH Parser';
     const test = (line) => {
@@ -1366,6 +1428,7 @@ function isIP(ip) {
 }
 
 export default [
+    URI_PROXY(),
     URI_SS(),
     URI_SSR(),
     URI_VMess(),
@@ -1376,6 +1439,7 @@ export default [
     URI_Hysteria2(),
     URI_Trojan(),
     Clash_All(),
+    Surge_Direct(),
     Surge_SSH(),
     Surge_SS(),
     Surge_VMess(),

backend/src/core/proxy-utils/parsers/peggy/loon.js

@@ -120,7 +120,7 @@ port = digits:[0-9]+ {
 method = comma cipher:cipher { 
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 
 username = & {
     let j = peg$currPos; 

backend/src/core/proxy-utils/parsers/peggy/loon.peg

@@ -118,7 +118,7 @@ port = digits:[0-9]+ {
 method = comma cipher:cipher { 
     proxy.cipher = cipher;
 }
-cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"auto"/"bf-cfb"/"camellia-128-cfb"/"camellia-192-cfb"/"camellia-256-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"rc4-md5"/"rc4"/"salsa20"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 
 username = & {
     let j = peg$currPos; 

backend/src/core/proxy-utils/parsers/peggy/surge.js

@@ -37,7 +37,7 @@ const grammars = String.raw`
     }
 }
 
-start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh) {
+start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh/direct) {
     return proxy;
 }
 
@@ -108,15 +108,18 @@ hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying
     proxy.type = "hysteria2";
     handleShadowTLS();
 }
-socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     handleShadowTLS();
 }
-socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     proxy.tls = true;
     handleShadowTLS();
 }
+direct = tag equals "direct" (udp_relay/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/block_quic/others)* {
+    proxy.type = "direct";
+}
 
 address = comma server:server comma port:port {
     proxy.server = server;

backend/src/core/proxy-utils/parsers/peggy/surge.peg

@@ -35,7 +35,7 @@
     }
 }
 
-start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh) {
+start = (shadowsocks/vmess/trojan/https/http/snell/socks5/socks5_tls/tuic/tuic_v5/wireguard/hysteria2/ssh/direct) {
     return proxy;
 }
 
@@ -106,16 +106,18 @@ hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying
     proxy.type = "hysteria2";
     handleShadowTLS();
 }
-socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     handleShadowTLS();
 }
-socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_fingerprint/tls_verification/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     proxy.tls = true;
     handleShadowTLS();
 }
-
+direct = tag equals "direct" (udp_relay/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/block_quic/others)* {
+    proxy.type = "direct";
+}
 address = comma server:server comma port:port {
     proxy.server = server;
     proxy.port = port;

backend/src/core/proxy-utils/parsers/peggy/trojan-uri.js

@@ -82,6 +82,8 @@ port = digits:[0-9]+ {
 params = "?" head:param tail:("&"@param)* {
   proxy["skip-cert-verify"] = toBool(params["allowInsecure"]);
   proxy.sni = params["sni"] || params["peer"];
+  proxy['client-fingerprint'] = params.fp;
+  proxy.alpn = params.alpn ? decodeURIComponent(params.alpn).split(',') : undefined;
 
   if (toBool(params["ws"])) {
     proxy.network = "ws";
@@ -99,6 +101,7 @@ params = "?" head:param tail:("&"@param)* {
         proxy[proxy.network + '-opts'] = {
             'grpc-service-name': params["serviceName"],
             '_grpc-type': params["mode"],
+            '_grpc-authority': params["authority"],
         };
     } else {
       if (params["path"]) {

backend/src/core/proxy-utils/parsers/peggy/trojan-uri.peg

@@ -80,6 +80,8 @@ port = digits:[0-9]+ {
 params = "?" head:param tail:("&"@param)* {
   proxy["skip-cert-verify"] = toBool(params["allowInsecure"]);
   proxy.sni = params["sni"] || params["peer"];
+  proxy['client-fingerprint'] = params.fp;
+  proxy.alpn = params.alpn ? decodeURIComponent(params.alpn).split(',') : undefined;
 
   if (toBool(params["ws"])) {
     proxy.network = "ws";
@@ -97,6 +99,7 @@ params = "?" head:param tail:("&"@param)* {
         proxy[proxy.network + '-opts'] = {
             'grpc-service-name': params["serviceName"],
             '_grpc-type': params["mode"],
+            '_grpc-authority': params["authority"],
         };
     } else {
       if (params["path"]) {

backend/src/core/proxy-utils/processors/index.js

@@ -699,24 +699,45 @@ function isIP(ip) {
 
 ResolveDomainOperator.resolver = DOMAIN_RESOLVERS;
 
+function isAscii(str) {
+    // eslint-disable-next-line no-control-regex
+    var pattern = /^[\x00-\x7F]+$/; // ASCII 范围的 Unicode 编码
+    return pattern.test(str);
+}
+
 /**************************** Filters ***************************************/
 // filter useless proxies
 function UselessFilter() {
-    const KEYWORDS = [
-        '网址',
-        '流量',
-        '时间',
-        '应急',
-        '过期',
-        'Bandwidth',
-        'expire',
-    ];
     return {
         name: 'Useless Filter',
-        func: RegexFilter({
-            regex: KEYWORDS,
-            keep: false,
-        }).func,
+        func: (proxies) => {
+            return proxies.map((proxy) => {
+                if (proxy.cipher && !isAscii(proxy.cipher)) {
+                    return false;
+                } else if (proxy.password && !isAscii(proxy.password)) {
+                    return false;
+                } else {
+                    if (proxy.network) {
+                        let transportHosts =
+                            proxy[`${proxy.network}-opts`]?.headers?.Host ||
+                            proxy[`${proxy.network}-opts`]?.headers?.host;
+                        transportHosts = Array.isArray(transportHosts)
+                            ? transportHosts
+                            : [transportHosts];
+                        if (
+                            transportHosts.some(
+                                (host) => host && !isAscii(host),
+                            )
+                        ) {
+                            return false;
+                        }
+                    }
+                    return !/网址|流量|时间|应急|过期|Bandwidth|expire/.test(
+                        proxy.name,
+                    );
+                }
+            });
+        },
     };
 }
 

backend/src/core/proxy-utils/producers/clash.js

@@ -175,6 +175,7 @@ export default function Clash_Producer() {
                     proxy[`${proxy.network}-opts`]
                 ) {
                     delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                    delete proxy[`${proxy.network}-opts`]['_grpc-authority'];
                 }
                 return proxy;
             });

backend/src/core/proxy-utils/producers/clashmeta.js

@@ -190,6 +190,7 @@ export default function ClashMeta_Producer() {
                     proxy[`${proxy.network}-opts`]
                 ) {
                     delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                    delete proxy[`${proxy.network}-opts`]['_grpc-authority'];
                 }
                 return proxy;
             });

backend/src/core/proxy-utils/producers/loon.js

@@ -4,10 +4,10 @@ import { isPresent, Result } from './utils';
 import { isIPv4, isIPv6 } from '@/utils';
 
 export default function Loon_Producer() {
-    const produce = (proxy) => {
+    const produce = (proxy, type, opts = {}) => {
         switch (proxy.type) {
             case 'ss':
-                return shadowsocks(proxy);
+                return shadowsocks(proxy, opts['include-unsupported-proxy']);
             case 'ssr':
                 return shadowsocksr(proxy);
             case 'trojan':
@@ -32,7 +32,7 @@ export default function Loon_Producer() {
     return { produce };
 }
 
-function shadowsocks(proxy) {
+function shadowsocks(proxy, includeUnsupportedProxy) {
     const result = new Result(proxy);
     if (
         ![
@@ -56,6 +56,9 @@ function shadowsocks(proxy) {
             'aes-256-gcm',
             'chacha20-ietf-poly1305',
             'xchacha20-ietf-poly1305',
+            ...(includeUnsupportedProxy
+                ? ['2022-blake3-aes-128-gcm', '2022-blake3-aes-256-gcm']
+                : []),
         ].includes(proxy.cipher)
     ) {
         throw new Error(`cipher ${proxy.cipher} is not supported`);

backend/src/core/proxy-utils/producers/shadowrocket.js

@@ -193,6 +193,7 @@ export default function ShadowRocket_Producer() {
                     proxy[`${proxy.network}-opts`]
                 ) {
                     delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                    delete proxy[`${proxy.network}-opts`]['_grpc-authority'];
                 }
                 return proxy;
             });

backend/src/core/proxy-utils/producers/stash.js

@@ -289,6 +289,7 @@ export default function Stash_Producer() {
                     proxy[`${proxy.network}-opts`]
                 ) {
                     delete proxy[`${proxy.network}-opts`]['_grpc-type'];
+                    delete proxy[`${proxy.network}-opts`]['_grpc-authority'];
                 }
                 return proxy;
             });

backend/src/core/proxy-utils/producers/surge.js

@@ -27,6 +27,8 @@ export default function Surge_Producer() {
                 return vmess(proxy, opts['include-unsupported-proxy']);
             case 'http':
                 return http(proxy);
+            case 'direct':
+                return direct(proxy);
             case 'socks5':
                 return socks5(proxy);
             case 'snell':
@@ -503,6 +505,54 @@ function http(proxy) {
 
     return result.toString();
 }
+function direct(proxy) {
+    const result = new Result(proxy);
+    const type = 'direct';
+    result.append(`${proxy.name}=${type}`);
+
+    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
+    result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
+
+    result.appendIfPresent(
+        `,no-error-alert=${proxy['no-error-alert']}`,
+        'no-error-alert',
+    );
+
+    // tfo
+    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
+    // udp
+    result.appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');
+
+    // test-url
+    result.appendIfPresent(`,test-url=${proxy['test-url']}`, 'test-url');
+    result.appendIfPresent(
+        `,test-timeout=${proxy['test-timeout']}`,
+        'test-timeout',
+    );
+    result.appendIfPresent(`,test-udp=${proxy['test-udp']}`, 'test-udp');
+    result.appendIfPresent(`,hybrid=${proxy['hybrid']}`, 'hybrid');
+    result.appendIfPresent(`,tos=${proxy['tos']}`, 'tos');
+    result.appendIfPresent(
+        `,allow-other-interface=${proxy['allow-other-interface']}`,
+        'allow-other-interface',
+    );
+    result.appendIfPresent(
+        `,interface=${proxy['interface-name']}`,
+        'interface-name',
+    );
+
+    // block-quic
+    result.appendIfPresent(`,block-quic=${proxy['block-quic']}`, 'block-quic');
+
+    // underlying-proxy
+    result.appendIfPresent(
+        `,underlying-proxy=${proxy['underlying-proxy']}`,
+        'underlying-proxy',
+    );
+
+    return result.toString();
+}
 
 function socks5(proxy) {
     const result = new Result(proxy);

backend/src/core/proxy-utils/producers/uri.js

@@ -29,9 +29,13 @@ export default function URI_Producer() {
         switch (proxy.type) {
             case 'ss':
                 const userinfo = `${proxy.cipher}:${proxy.password}`;
-                result = `ss://${Base64.encode(userinfo)}@${proxy.server}:${
-                    proxy.port
-                }${proxy.plugin ? '/' : ''}`;
+                result = `ss://${
+                    proxy.cipher?.startsWith('2022-blake3-')
+                        ? `${encodeURIComponent(
+                              proxy.cipher,
+                          )}:${encodeURIComponent(proxy.password)}`
+                        : Base64.encode(userinfo)
+                }@${proxy.server}:${proxy.port}${proxy.plugin ? '/' : ''}`;
                 if (proxy.plugin) {
                     result += '?plugin=';
                     const opts = proxy['plugin-opts'];
@@ -102,7 +106,7 @@ export default function URI_Producer() {
                     port: proxy.port,
                     id: proxy.uuid,
                     type,
-                    aid: 0,
+                    aid: proxy.alterId || 0,
                     net,
                     tls: proxy.tls ? 'tls' : '',
                 };
@@ -134,6 +138,8 @@ export default function URI_Producer() {
                         result.type =
                             proxy[`${proxy.network}-opts`]?.['_grpc-type'] ||
                             'gun';
+                        result.host =
+                            proxy[`${proxy.network}-opts`]?.['_grpc-authority'];
                     }
                 }
                 result = 'vmess://' + Base64.encode(JSON.stringify(result));
@@ -196,6 +202,13 @@ export default function URI_Producer() {
                     vlessTransport += `&mode=${encodeURIComponent(
                         proxy[`${proxy.network}-opts`]?.['_grpc-type'] || 'gun',
                     )}`;
+                    const authority =
+                        proxy[`${proxy.network}-opts`]?.['_grpc-authority'];
+                    if (authority) {
+                        vlessTransport += `&authority=${encodeURIComponent(
+                            authority,
+                        )}`;
+                    }
                 }
 
                 let vlessTransportServiceName =
@@ -261,11 +274,18 @@ export default function URI_Producer() {
                             proxy[`${proxy.network}-opts`]?.[
                                 `${proxy.network}-service-name`
                             ];
+                        let trojanTransportAuthority =
+                            proxy[`${proxy.network}-opts`]?.['_grpc-authority'];
                         if (trojanTransportServiceName) {
                             trojanTransport += `&serviceName=${encodeURIComponent(
                                 trojanTransportServiceName,
                             )}`;
                         }
+                        if (trojanTransportAuthority) {
+                            trojanTransport += `&authority=${encodeURIComponent(
+                                trojanTransportAuthority,
+                            )}`;
+                        }
                         trojanTransport += `&mode=${encodeURIComponent(
                             proxy[`${proxy.network}-opts`]?.['_grpc-type'] ||
                                 'gun',
@@ -290,11 +310,27 @@ export default function URI_Producer() {
                         )}`;
                     }
                 }
+                let trojanFp = '';
+                if (proxy['client-fingerprint']) {
+                    trojanFp = `&fp=${encodeURIComponent(
+                        proxy['client-fingerprint'],
+                    )}`;
+                }
+                let trojanAlpn = '';
+                if (proxy.alpn) {
+                    trojanAlpn = `&alpn=${encodeURIComponent(
+                        Array.isArray(proxy.alpn)
+                            ? proxy.alpn
+                            : proxy.alpn.join(','),
+                    )}`;
+                }
                 result = `trojan://${proxy.password}@${proxy.server}:${
                     proxy.port
                 }?sni=${encodeURIComponent(proxy.sni || proxy.server)}${
                     proxy['skip-cert-verify'] ? '&allowInsecure=1' : ''
-                }${trojanTransport}#${encodeURIComponent(proxy.name)}`;
+                }${trojanTransport}${trojanAlpn}${trojanFp}#${encodeURIComponent(
+                    proxy.name,
+                )}`;
                 break;
             case 'hysteria2':
                 let hysteria2params = [];

backend/src/products/resource-parser.loon.js

@@ -37,7 +37,9 @@ let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
     if (resourceType === RESOURCE_TYPE.PROXY) {
         try {
             let proxies = ProxyUtils.parse(resource);
-            result = ProxyUtils.produce(proxies, 'Loon');
+            result = ProxyUtils.produce(proxies, 'Loon', undefined, {
+                'include-unsupported-proxy': arg?.includeUnsupportedProxy,
+            });
         } catch (e) {
             console.log('解析器: 使用 resource 出现错误');
             console.log(e.message ?? e);
@@ -47,7 +49,9 @@ let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
             try {
                 let raw = await download(resourceUrl, arg?.ua, arg?.timeout);
                 let proxies = ProxyUtils.parse(raw);
-                result = ProxyUtils.produce(proxies, 'Loon');
+                result = ProxyUtils.produce(proxies, 'Loon', undefined, {
+                    'include-unsupported-proxy': arg?.includeUnsupportedProxy,
+                });
             } catch (e) {
                 console.log(e.message ?? e);
             }

backend/src/restful/download.js

@@ -255,7 +255,7 @@ async function downloadSubscription(req, res) {
             );
         }
     } else {
-        $.notify(`🌍 Sub-Store 下载订阅失败`, `❌ 未找到订阅：${name}！`);
+        $.error(`🌍 Sub-Store 下载订阅失败`, `❌ 未找到订阅：${name}！`);
         failed(
             res,
             new ResourceNotFoundError(
@@ -457,7 +457,7 @@ async function downloadCollection(req, res) {
             );
         }
     } else {
-        $.notify(
+        $.error(
             `🌍 Sub-Store 下载组合订阅失败`,
             `❌ 未找到组合订阅：${name}！`,
         );

backend/src/restful/file.js

@@ -179,7 +179,7 @@ async function getFile(req, res) {
             );
         }
     } else {
-        $.notify(`🌍 Sub-Store 下载文件失败`, `❌ 未找到文件：${name}！`);
+        $.error(`🌍 Sub-Store 下载文件失败`, `❌ 未找到文件：${name}！`);
         failed(
             res,
             new ResourceNotFoundError(

backend/src/utils/dns.js

@@ -1,6 +1,7 @@
 import $ from '@/core/app';
 import dnsPacket from 'dns-packet';
 import { Buffer } from 'buffer';
+import { isIPv4 } from '@/utils';
 
 export async function doh({ url, domain, type = 'A', timeout, edns }) {
     const buf = dnsPacket.encode({
@@ -23,7 +24,7 @@ export async function doh({ url, domain, type = 'A', timeout, edns }) {
                     {
                         code: 'CLIENT_SUBNET',
                         ip: edns,
-                        sourcePrefixLength: 24,
+                        sourcePrefixLength: isIPv4(edns) ? 24 : 56,
                         scopePrefixLength: 0,
                     },
                 ],

backend/src/utils/download.js

@@ -172,7 +172,7 @@ export default async function download(
             `Downloading...\nUser-Agent: ${userAgent}\nTimeout: ${requestTimeout}\nProxy: ${proxy}\nInsecure: ${!!insecure}\nURL: ${url}`,
         );
         try {
-            const { body, headers } = await http.get({
+            const { body, headers, statusCode } = await http.get({
                 url,
                 ...(proxy ? { proxy } : {}),
                 ...(isLoon && proxy ? { node: proxy } : {}),
@@ -180,6 +180,10 @@ export default async function download(
                 ...(proxy ? getPolicyDescriptor(proxy) : {}),
                 ...(insecure ? insecure : {}),
             });
+            $.info(`statusCode: ${statusCode}`);
+            if (statusCode < 200 || statusCode >= 400) {
+                throw new Error(`statusCode: ${statusCode}`);
+            }
 
             if (headers) {
                 const flowInfo = getFlowField(headers);

backend/src/utils/flow.js

@@ -18,7 +18,9 @@ export function getFlowField(headers) {
         }
     }
 
-    return `${sub || ''}${webPage ? `;app_url=${webPage}` : ''}`;
+    return `${sub || ''}${
+        webPage ? `; app_url=${encodeURIComponent(webPage)}` : ''
+    }`;
 }
 export async function getFlowHeaders(
     rawUrl,

backend/src/utils/geo.js

@@ -151,6 +151,7 @@ export function getFlag(name) {
             '滑铁卢',
             '多伦多',
             'Waterloo',
+            'Toronto',
         ],
         '🇨🇭': ['Switzerland', '瑞士', '苏黎世', 'Zurich'],
         '🇨🇱': ['Chile', '智利'],
@@ -245,7 +246,7 @@ export function getFlag(name) {
         '🇮🇪': ['Ireland', '爱尔兰', '愛爾蘭', '都柏林'],
         '🇮🇱': ['Israel', '以色列'],
         '🇮🇲': ['Isle of Man', '马恩岛', '馬恩島'],
-        '🇮🇳': ['India', '印度', '孟买', 'MFumbai'],
+        '🇮🇳': ['India', '印度', '孟买', 'MFumbai', 'Mumbai'],
         '🇮🇷': ['Iran', '伊朗'],
         '🇮🇸': ['Iceland', '冰岛', '冰島'],
         '🇮🇹': ['Italy', '意大利', '義大利', '米兰', 'Nachash'],
@@ -261,7 +262,14 @@ export function getFlag(name) {
         '🇲🇹': ['Malta', '马耳他'],
         '🇲🇽': ['Mexico', '墨西哥'],
         '🇲🇾': ['Malaysia', '马来', '馬來', '吉隆坡', '大馬'],
-        '🇳🇱': ['Netherlands', '荷兰', '荷蘭', '尼德蘭', '阿姆斯特丹'],
+        '🇳🇱': [
+            'Netherlands',
+            '荷兰',
+            '荷蘭',
+            '尼德蘭',
+            '阿姆斯特丹',
+            'Amsterdam',
+        ],
         '🇳🇴': ['Norway', '挪威'],
         '🇳🇵': ['Nepal', '尼泊尔'],
         '🇳🇿': ['New Zealand', '新西兰', '新西蘭'],
@@ -269,7 +277,7 @@ export function getFlag(name) {
         '🇵🇪': ['Peru', '秘鲁', '祕魯'],
         '🇵🇭': ['Philippines', '菲律宾', '菲律賓'],
         '🇵🇰': ['Pakistan', '巴基斯坦'],
-        '🇵🇱': ['Poland', '波兰', '波蘭'],
+        '🇵🇱': ['Poland', '波兰', '波蘭', '华沙', 'Warsaw'],
         '🇵🇷': ['Puerto Rico', '波多黎各'],
         '🇵🇹': ['Portugal', '葡萄牙'],
         '🇵🇾': ['Paraguay', '巴拉圭'],
@@ -294,7 +302,7 @@ export function getFlag(name) {
             'Moscow',
         ],
         '🇸🇦': ['Saudi', '沙特阿拉伯', '沙特', 'Riyadh', '利雅得'],
-        '🇸🇪': ['Sweden', '瑞典'],
+        '🇸🇪': ['Sweden', '瑞典', '斯德哥尔摩', 'Stockholm'],
         '🇸🇬': [
             'Singapore',
             '新加坡',
@@ -314,7 +322,7 @@ export function getFlag(name) {
         '🇸🇰': ['Slovakia', '斯洛伐克'],
         '🇹🇭': ['Thailand', '泰国', '泰國', '曼谷'],
         '🇹🇳': ['Tunisia', '突尼斯'],
-        '🇹🇷': ['Turkey', '土耳其', '伊斯坦布尔'],
+        '🇹🇷': ['Turkey', '土耳其', '伊斯坦布尔', 'Istanbul'],
         '🇹🇼': [
             'Taiwan',
             '台湾',
@@ -341,6 +349,7 @@ export function getFlag(name) {
             '波特兰',
             '达拉斯',
             '俄勒冈',
+            'Oregon',
             '凤凰城',
             '费利蒙',
             '硅谷',
@@ -354,10 +363,17 @@ export function getFlag(name) {
             '沪美',
             '哥伦布',
             '纽约',
+            'New York',
             'Los Angeles',
             'San Jose',
             'Sillicon Valley',
             'Michigan',
+            '俄亥俄',
+            'Ohio',
+            '马纳萨斯',
+            'Manassas',
+            '弗吉尼亚',
+            'Virginia',
         ],
         '🇺🇾': ['Uruguay', '乌拉圭'],
         '🇻🇪': ['Venezuela', '委内瑞拉'],
@@ -418,8 +434,12 @@ export function getFlag(name) {
                 RegExp(`(^|[^a-zA-Z])${keyword}([^a-zA-Z]|$)`).test(name),
             )
         ) {
-            //console.log(`ISOFlag = ${flag}`)
-            return (Flag = flag);
+            const isCN2 =
+                flag == '🇨🇳' &&
+                RegExp(`(^|[^a-zA-Z])CN2([^a-zA-Z]|$)`).test(name);
+            if (!isCN2) {
+                return (Flag = flag);
+            }
         }
     }