feat: 备份数据到 Gist 时, 清除 GitHub Token. 恢复后请重新设置 GitHub Token

适配下游客户端API

README.md

@@ -26,13 +26,14 @@ Core functionalities:
 
 ### Supported Input Formats
 
-> ⚠️ Do not use `Shadowrocket` or `NekoBox` to export URI and then import it as input. The URIs exported in this way may not be standard URIs.
+> ⚠️ Do not use `Shadowrocket` or `NekoBox` to export URI and then import it as input. The URIs exported in this way may not be standard URIs. However, we have already supported some very common non-standard URIs (such as VMess, VLESS).
 
 - [x] Proxy URI Scheme(`socks5`, `socks5+tls`, `http`, `https`(it's ok))
 
   example: `socks5+tls://user:pass@ip:port#name`
 
 - [x] URI(AnyTLS, SOCKS, SS, SSR, VMess, VLESS, Trojan, Hysteria, Hysteria 2, TUIC v5, WireGuard)
+  > Please note, HTTP(s) does not have a standard URI format, so it is not supported. Please use other formats.
 - [x] Clash Proxies YAML
 - [x] Clash Proxy JSON(single line)
 - [x] QX (SS, SSR, VMess, Trojan, HTTP, SOCKS5, VLESS)

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sub-store",
-  "version": "2.19.61",
+  "version": "2.19.78",
   "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and Shadowrocket.",
   "main": "src/main.js",
   "scripts": {

backend/src/core/proxy-utils/parsers/index.js

@@ -12,6 +12,7 @@ import getLoonParser from './peggy/loon';
 import getQXParser from './peggy/qx';
 import getTrojanURIParser from './peggy/trojan-uri';
 import $ from '@/core/app';
+import JSON5 from 'json5';
 
 import { Base64 } from 'js-base64';
 
@@ -1130,14 +1131,14 @@ function Clash_All() {
     const name = 'Clash Parser';
     const test = (line) => {
         try {
-            JSON.parse(line);
+            JSON5.parse(line);
         } catch (e) {
             return false;
         }
         return true;
     };
     const parse = (line) => {
-        const proxy = JSON.parse(line);
+        const proxy = JSON5.parse(line);
         if (
             ![
                 'anytls',

backend/src/core/proxy-utils/parsers/peggy/surge.js

@@ -105,11 +105,11 @@ wireguard = tag equals "wireguard" (section_name/no_error_alert/ip_version/under
     proxy.type = "wireguard-surge";
     handleShadowTLS();
 }
-hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/fast_open/tfo/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
+hysteria2 = tag equals "hysteria2" address (no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/sni/tls_verification/passwordk/tls_fingerprint/download_bandwidth/ecn/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/port_hopping_interval/others)* {
     proxy.type = "hysteria2";
     handleShadowTLS();
 }
-socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/tfo/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+socks5 = tag equals "socks5" address (username password)? (usernamek passwordk)? (udp_relay/no_error_alert/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/fast_open/tfo/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "socks5";
     handleShadowTLS();
 }
@@ -121,7 +121,6 @@ socks5_tls = tag equals "socks5-tls" address (username password)? (usernamek pas
 direct = tag equals "direct" (udp_relay/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/tfo/block_quic/others)* {
     proxy.type = "direct";
 }
-
 address = comma server:server comma port:port {
     proxy.server = server;
     proxy.port = port;
@@ -179,8 +178,8 @@ username = & {
         peg$currPos = end;
         return true;
     }
-} { proxy.username = $.username; }
-password = comma match:[^,]+ { proxy.password = match.join(""); }
+} { proxy.username = $.username.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
+password = comma match:[^,]+ { proxy.password = match.join("").replace(/^"(.*)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 
 tls = comma "tls" equals flag:bool { proxy.tls = flag; }
 sni = comma "sni" equals sni:("off"/domain) { 
@@ -196,7 +195,7 @@ tls_fingerprint = comma "server-cert-fingerprint-sha256" equals tls_fingerprint:
 snell_psk = comma "psk" equals match:[^,]+ { proxy.psk = match.join(""); }
 snell_version = comma "version" equals match:$[0-9]+ { proxy.version = parseInt(match.trim()); }
 
-usernamek = comma "username" equals match:[^,]+ { proxy.username = match.join(""); }
+usernamek = comma "username" equals match:[^,]+ { proxy.username = match.join("").replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 passwordk = comma "password" equals match:[^,]+ { proxy.password = match.join("").replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 vmess_uuid = comma "username" equals match:[^,]+ { proxy.uuid = match.join(""); }
 vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }
@@ -212,11 +211,11 @@ ws_headers = comma "ws-headers" equals headers:$[^,]+ {
     const result = {};
     pairs.forEach(pair => {
         const [key, value] = pair.trim().split(":");
-        result[key.trim()] = value.trim();
+        result[key.trim()] = value.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1');
     })
     obfs["ws-headers"] = result;
 }
-ws_path = comma "ws-path" equals path:uri { obfs.path = path; }
+ws_path = comma "ws-path" equals path:uri { obfs.path = path.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 
 obfs = comma "obfs" equals type:("http"/"tls") { obfs.type = type; }
 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; };

backend/src/core/proxy-utils/parsers/peggy/surge.peg

@@ -176,8 +176,8 @@ username = & {
         peg$currPos = end;
         return true;
     }
-} { proxy.username = $.username; }
-password = comma match:[^,]+ { proxy.password = match.join(""); }
+} { proxy.username = $.username.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
+password = comma match:[^,]+ { proxy.password = match.join("").replace(/^"(.*)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 
 tls = comma "tls" equals flag:bool { proxy.tls = flag; }
 sni = comma "sni" equals sni:("off"/domain) { 
@@ -193,7 +193,7 @@ tls_fingerprint = comma "server-cert-fingerprint-sha256" equals tls_fingerprint:
 snell_psk = comma "psk" equals match:[^,]+ { proxy.psk = match.join(""); }
 snell_version = comma "version" equals match:$[0-9]+ { proxy.version = parseInt(match.trim()); }
 
-usernamek = comma "username" equals match:[^,]+ { proxy.username = match.join(""); }
+usernamek = comma "username" equals match:[^,]+ { proxy.username = match.join("").replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 passwordk = comma "password" equals match:[^,]+ { proxy.password = match.join("").replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 vmess_uuid = comma "username" equals match:[^,]+ { proxy.uuid = match.join(""); }
 vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }
@@ -209,11 +209,11 @@ ws_headers = comma "ws-headers" equals headers:$[^,]+ {
     const result = {};
     pairs.forEach(pair => {
         const [key, value] = pair.trim().split(":");
-        result[key.trim()] = value.trim();
+        result[key.trim()] = value.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1');
     })
     obfs["ws-headers"] = result;
 }
-ws_path = comma "ws-path" equals path:uri { obfs.path = path; }
+ws_path = comma "ws-path" equals path:uri { obfs.path = path.trim().replace(/^"(.*?)"$/, '$1').replace(/^'(.*?)'$/, '$1'); }
 
 obfs = comma "obfs" equals type:("http"/"tls") { obfs.type = type; }
 obfs_host = comma "obfs-host" equals host:domain { obfs.host = host; };

backend/src/core/proxy-utils/processors/index.js

@@ -623,9 +623,11 @@ const DOMAIN_RESOLVERS = {
         const cached = resourceCache.get(id);
         if (!noCache && cached) return cached;
         const resp = await $.http.get({
-            url: `http://223.6.6.6/resolve?edns_client_subnet=${edns}/24&name=${encodeURIComponent(
-                domain,
-            )}&type=${type === 'IPv6' ? 'AAAA' : 'A'}&short=1`,
+            url: `http://223.6.6.6/resolve?edns_client_subnet=${edns}/${
+                isIPv4(edns) ? 24 : 56
+            }&name=${encodeURIComponent(domain)}&type=${
+                type === 'IPv6' ? 'AAAA' : 'A'
+            }&short=1`,
             headers: {
                 accept: 'application/dns-json',
             },

backend/src/core/proxy-utils/producers/clash.js

@@ -41,7 +41,7 @@ export default function Clash_Producer() {
                             'chacha20-ietf-poly1305',
                             'xchacha20-ietf-poly1305',
                         ].includes(proxy.cipher)) ||
-                    (proxy.type === 'snell' && String(proxy.version) === '4') ||
+                    (proxy.type === 'snell' && proxy.version >= 4) ||
                     (proxy.type === 'vless' &&
                         (typeof proxy.flow !== 'undefined' ||
                             proxy['reality-opts']))

backend/src/core/proxy-utils/producers/clashmeta.js

@@ -1,12 +1,20 @@
 import { isPresent } from '@/core/proxy-utils/producers/utils';
 
+const ipVersions = {
+    dual: 'dual',
+    'v4-only': 'ipv4',
+    'v6-only': 'ipv6',
+    'prefer-v4': 'ipv4-prefer',
+    'prefer-v6': 'ipv6-prefer',
+};
+
 export default function ClashMeta_Producer() {
     const type = 'ALL';
     const produce = (proxies, type, opts = {}) => {
         const list = proxies
             .filter((proxy) => {
                 if (opts['include-unsupported-proxy']) return true;
-                if (proxy.type === 'snell' && String(proxy.version) === '4') {
+                if (proxy.type === 'snell' && proxy.version >= 4) {
                     return false;
                 } else if (['juicity'].includes(proxy.type)) {
                     return false;
@@ -242,6 +250,11 @@ export default function ClashMeta_Producer() {
                     delete proxy[`${proxy.network}-opts`]['_grpc-type'];
                     delete proxy[`${proxy.network}-opts`]['_grpc-authority'];
                 }
+
+                if (proxy['ip-version']) {
+                    proxy['ip-version'] =
+                        ipVersions[proxy['ip-version']] || proxy['ip-version'];
+                }
                 return proxy;
             });
 

backend/src/core/proxy-utils/producers/egern.js

@@ -377,6 +377,23 @@ export default function Egern_Producer() {
                 delete proxy.id;
                 delete proxy.resolved;
                 delete proxy['no-resolve'];
+
+                if (proxy.transport) {
+                    for (const key in proxy.transport) {
+                        if (
+                            Object.keys(proxy.transport[key]).length === 0 ||
+                            Object.values(proxy.transport[key]).every(
+                                (v) => v == null,
+                            )
+                        ) {
+                            delete proxy.transport[key];
+                        }
+                    }
+                    if (Object.keys(proxy.transport).length === 0) {
+                        delete proxy.transport;
+                    }
+                }
+
                 if (type !== 'internal') {
                     for (const key in proxy) {
                         if (proxy[key] == null || /^_/i.test(key)) {

backend/src/core/proxy-utils/producers/shadowrocket.js

@@ -7,7 +7,7 @@ export default function Shadowrocket_Producer() {
         const list = proxies
             .filter((proxy) => {
                 if (opts['include-unsupported-proxy']) return true;
-                if (proxy.type === 'snell' && String(proxy.version) === '4') {
+                if (proxy.type === 'snell' && proxy.version >= 4) {
                     return false;
                 } else if (['mieru'].includes(proxy.type)) {
                     return false;

backend/src/core/proxy-utils/producers/sing-box.js

@@ -2,6 +2,26 @@ import ClashMeta_Producer from './clashmeta';
 import $ from '@/core/app';
 import { isIPv4, isIPv6 } from '@/utils';
 
+const ipVersions = {
+    ipv4: 'ipv4_only',
+    ipv6: 'ipv6_only',
+    'v4-only': 'ipv4_only',
+    'v6-only': 'ipv6_only',
+    'ipv4-prefer': 'prefer_ipv4',
+    'ipv6-prefer': 'prefer_ipv6',
+    'prefer-v4': 'prefer_ipv4',
+    'prefer-v6': 'prefer_ipv6',
+};
+
+const ipVersionParser = (proxy, parsedProxy) => {
+    const strategy = ipVersions[proxy['ip-version']];
+    if (proxy._dns_server && strategy) {
+        parsedProxy.domain_resolver = {
+            server: proxy._dns_server,
+            strategy,
+        };
+    }
+};
 const detourParser = (proxy, parsedProxy) => {
     parsedProxy.detour = proxy['dialer-proxy'] || proxy.detour;
 };
@@ -278,6 +298,7 @@ const sshParser = (proxy = {}) => {
     if (proxy['fast-open']) parsedProxy.udp_fragment = true;
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -305,6 +326,7 @@ const httpParser = (proxy = {}) => {
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
     tlsParser(proxy, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -327,6 +349,7 @@ const socks5Parser = (proxy = {}) => {
     networkParser(proxy, parsedProxy);
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -338,6 +361,17 @@ const shadowTLSParser = (proxy = {}) => {
         password: proxy.password,
         detour: `${proxy.name}_shadowtls`,
     };
+    if (proxy.uot) ssPart.udp_over_tcp = true;
+    if (proxy['udp-over-tcp']) {
+        ssPart.udp_over_tcp = {
+            enabled: true,
+            version:
+                !proxy['udp-over-tcp-version'] ||
+                proxy['udp-over-tcp-version'] === 1
+                    ? 1
+                    : 2,
+        };
+    }
     const stPart = {
         tag: `${proxy.name}_shadowtls`,
         type: 'shadowtls',
@@ -360,6 +394,7 @@ const shadowTLSParser = (proxy = {}) => {
     tfoParser(proxy, stPart);
     detourParser(proxy, stPart);
     smuxParser(proxy.smux, ssPart);
+    ipVersionParser(proxy, stPart);
     return { type: 'ss-with-st', ssPart, stPart };
 };
 const ssParser = (proxy = {}) => {
@@ -389,6 +424,7 @@ const ssParser = (proxy = {}) => {
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     if (proxy.plugin) {
         const optArr = [];
         if (proxy.plugin === 'obfs') {
@@ -467,6 +503,7 @@ const ssrParser = (proxy = {}) => {
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -505,6 +542,7 @@ const vmessParser = (proxy = {}) => {
     detourParser(proxy, parsedProxy);
     tlsParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -521,7 +559,8 @@ const vlessParser = (proxy = {}) => {
         throw 'invalid port';
     if (proxy.xudp) parsedProxy.packet_encoding = 'xudp';
     if (proxy['fast-open']) parsedProxy.udp_fragment = true;
-    if (proxy.flow === 'xtls-rprx-vision') parsedProxy.flow = proxy.flow;
+    // if (['xtls-rprx-vision', ''].includes(proxy.flow)) parsedProxy.flow = proxy.flow;
+    if (proxy.flow != null) parsedProxy.flow = proxy.flow;
     if (proxy.network === 'ws') wsParser(proxy, parsedProxy);
     if (proxy.network === 'grpc') grpcParser(proxy, parsedProxy);
     networkParser(proxy, parsedProxy);
@@ -529,6 +568,7 @@ const vlessParser = (proxy = {}) => {
     detourParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
     tlsParser(proxy, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 const trojanParser = (proxy = {}) => {
@@ -550,6 +590,7 @@ const trojanParser = (proxy = {}) => {
     detourParser(proxy, parsedProxy);
     tlsParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 const hysteriaParser = (proxy = {}) => {
@@ -599,6 +640,7 @@ const hysteriaParser = (proxy = {}) => {
     detourParser(proxy, parsedProxy);
     tfoParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 const hysteria2Parser = (proxy = {}) => {
@@ -632,6 +674,7 @@ const hysteria2Parser = (proxy = {}) => {
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 const tuic5Parser = (proxy = {}) => {
@@ -663,6 +706,7 @@ const tuic5Parser = (proxy = {}) => {
     detourParser(proxy, parsedProxy);
     tlsParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 const anytlsParser = (proxy = {}) => {
@@ -678,8 +722,14 @@ const anytlsParser = (proxy = {}) => {
         parsedProxy.idle_session_check_interval = `${proxy['idle-session-check-interval']}s`;
     if (/^\d+$/.test(proxy['idle-session-timeout']))
         parsedProxy.idle_session_timeout = `${proxy['idle-session-timeout']}s`;
+    if (/^\d+$/.test(proxy['min-idle-session']))
+        parsedProxy.min_idle_session = parseInt(
+            `${proxy['min-idle-session']}`,
+            10,
+        );
     detourParser(proxy, parsedProxy);
     tlsParser(proxy, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 
@@ -737,6 +787,7 @@ const wireguardParser = (proxy = {}) => {
     tfoParser(proxy, parsedProxy);
     detourParser(proxy, parsedProxy);
     smuxParser(proxy.smux, parsedProxy);
+    ipVersionParser(proxy, parsedProxy);
     return parsedProxy;
 };
 

backend/src/core/proxy-utils/producers/stash.js

@@ -43,7 +43,7 @@ export default function Stash_Producer() {
                             '2022-blake3-aes-128-gcm',
                             '2022-blake3-aes-256-gcm',
                         ].includes(proxy.cipher)) ||
-                    (proxy.type === 'snell' && String(proxy.version) === '4') ||
+                    (proxy.type === 'snell' && proxy.version >= 4) ||
                     (proxy.type === 'vless' &&
                         proxy['reality-opts'] &&
                         !['xtls-rprx-vision'].includes(proxy.flow))

backend/src/core/proxy-utils/producers/surge.js

@@ -370,9 +370,9 @@ function vmess(proxy, includeUnsupportedProxy) {
 function ssh(proxy) {
     const result = new Result(proxy);
     result.append(`${proxy.name}=ssh,${proxy.server},${proxy.port}`);
-    result.appendIfPresent(`,${proxy.username}`, 'username');
+    result.appendIfPresent(`,username="${proxy.username}"`, 'username');
     // 所有的类似的字段都有双引号的问题 暂不处理
-    result.appendIfPresent(`,"${proxy.password}"`, 'password');
+    result.appendIfPresent(`,password="${proxy.password}"`, 'password');
 
     // https://manual.nssurge.com/policy/ssh.html
     // 需配合 Keystore
@@ -439,8 +439,8 @@ function http(proxy) {
     const result = new Result(proxy);
     const type = proxy.tls ? 'https' : 'http';
     result.append(`${proxy.name}=${type},${proxy.server},${proxy.port}`);
-    result.appendIfPresent(`,${proxy.username}`, 'username');
-    result.appendIfPresent(`,"${proxy.password}"`, 'password');
+    result.appendIfPresent(`,username="${proxy.username}"`, 'username');
+    result.appendIfPresent(`,password="${proxy.password}"`, 'password');
 
     const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
     result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');
@@ -565,8 +565,8 @@ function socks5(proxy) {
     const result = new Result(proxy);
     const type = proxy.tls ? 'socks5-tls' : 'socks5';
     result.append(`${proxy.name}=${type},${proxy.server},${proxy.port}`);
-    result.appendIfPresent(`,${proxy.username}`, 'username');
-    result.appendIfPresent(`,"${proxy.password}"`, 'password');
+    result.appendIfPresent(`,username="${proxy.username}"`, 'username');
+    result.appendIfPresent(`,password="${proxy.password}"`, 'password');
 
     const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
     result.appendIfPresent(`,ip-version=${ip_version}`, 'ip-version');

backend/src/restful/index.js

@@ -119,10 +119,11 @@ export default function serve() {
     $app.start();
 
     if ($.env.isNode) {
-        // Deprecated: SUB_STORE_BACKEND_CRON
-        const backend_sync_cron =
-            eval('process.env.SUB_STORE_BACKEND_SYNC_CRON') ||
-            eval('process.env.SUB_STORE_BACKEND_CRON');
+        // Deprecated: SUB_STORE_BACKEND_CRON, SUB_STORE_CRON
+        const backend_sync_cron = eval(
+            'process.env.SUB_STORE_BACKEND_SYNC_CRON',
+        );
+
         if (backend_sync_cron) {
             $.info(`[SYNC CRON] ${backend_sync_cron} enabled`);
             const { CronJob } = eval(`require("cron")`);
@@ -145,6 +146,17 @@ export default function serve() {
                 true, // start
                 // 'Asia/Shanghai' // timeZone
             );
+        } else {
+            if (eval('process.env.SUB_STORE_BACKEND_CRON')) {
+                $.error(
+                    `[SYNC CRON] SUB_STORE_BACKEND_CRON 已弃用, 请使用 SUB_STORE_BACKEND_SYNC_CRON`,
+                );
+            }
+            if (eval('process.env.SUB_STORE_CRON')) {
+                $.error(
+                    `[SYNC CRON] SUB_STORE_CRON 已弃用, 请使用 SUB_STORE_BACKEND_SYNC_CRON`,
+                );
+            }
         }
         // 格式: 0 */2 * * *,sub,a;0 */3 * * *,col,b
         // 每 2 小时处理一次单条订阅 a, 每 3 小时处理一次组合订阅 b

backend/src/restful/miscs.js

@@ -120,8 +120,10 @@ async function gistBackupAction(action) {
     switch (action) {
         case 'upload':
             try {
-                content = $.read('#sub-store');
-                if ($.env.isNode) content = JSON.stringify($.cache, null, `  `);
+                content = JSON.parse($.read('#sub-store'));
+                if ($.env.isNode) content = { ...$.cache };
+                content.settings.gistToken = '恢复后请重新设置 GitHub Token';
+                content = JSON.stringify(content, null, `  `);
                 $.info(`下载备份, 与本地内容对比...`);
                 const onlineContent = await gist.download(
                     GIST_BACKUP_FILE_NAME,
@@ -137,8 +139,10 @@ async function gistBackupAction(action) {
             // update syncTime
             settings.syncTime = new Date().getTime();
             $.write(settings, SETTINGS_KEY);
-            content = $.read('#sub-store');
-            if ($.env.isNode) content = JSON.stringify($.cache, null, `  `);
+            content = JSON.parse($.read('#sub-store'));
+            if ($.env.isNode) content = { ...$.cache };
+            content.settings.gistToken = '恢复后请重新设置 GitHub Token';
+            content = JSON.stringify(content, null, `  `);
             $.info(`上传备份中...`);
             try {
                 await gist.upload({

backend/src/restful/token.js

@@ -53,6 +53,16 @@ async function signToken(req, res) {
     try {
         const { payload, options } = req.body;
         const ms = eval(`require("ms")`);
+        const type = payload?.type;
+        const name = payload?.name;
+        if (!type || !name)
+            return failed(
+                res,
+                new RequestInvalidError(
+                    'INVALID_PAYLOAD',
+                    `payload type and name are required`,
+                ),
+            );
         let token = payload?.token;
         if (token != null) {
             if (typeof token !== 'string' || token.length < 1) {
@@ -65,7 +75,12 @@ async function signToken(req, res) {
                 );
             }
             const tokens = $.read(TOKENS_KEY) || [];
-            if (tokens.find((t) => t.token === token)) {
+            if (
+                tokens.find(
+                    (t) =>
+                        t.token === token && t.type === type && t.name === name,
+                )
+            ) {
                 return failed(
                     res,
                     new RequestInvalidError(
@@ -75,16 +90,7 @@ async function signToken(req, res) {
                 );
             }
         }
-        const type = payload?.type;
-        const name = payload?.name;
-        if (!type || !name)
-            return failed(
-                res,
-                new RequestInvalidError(
-                    'INVALID_PAYLOAD',
-                    `payload type and name are required`,
-                ),
-            );
+
         if (type === 'col') {
             const collections = $.read(COLLECTIONS_KEY) || [];
             const collection = collections.find((c) => c.name === name);
@@ -153,7 +159,12 @@ async function signToken(req, res) {
         if (!token) {
             do {
                 token = nanoid.customAlphabet(nanoid.urlAlphabet)();
-            } while (tokens.find((t) => t.token === token));
+            } while (
+                tokens.find(
+                    (t) =>
+                        t.token === token && t.type === type && t.name === name,
+                )
+            );
         }
         tokens.push({
             ...payload,

backend/src/utils/download.js

@@ -14,6 +14,8 @@ import $ from '@/core/app';
 import { findByName } from '@/utils/database';
 import { produceArtifact } from '@/restful/sync';
 import PROXY_PREPROCESSORS from '@/core/proxy-utils/preprocessors';
+import { ProxyUtils } from '@/core/proxy-utils';
+
 const clashPreprocessor = PROXY_PREPROCESSORS.find(
     (processor) => processor.name === 'Clash Pre-processor',
 );
@@ -261,10 +263,34 @@ export default async function download(
             if (shouldCache) {
                 resourceCache.set(id, body);
                 if (customCacheKey) {
-                    $.info(
-                        `URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`,
-                    );
-                    $.write(body, customCacheKey);
+                    let shouldWriteCustomCacheKey = true;
+                    if (preprocess) {
+                        try {
+                            const proxies = ProxyUtils.parse(body);
+                            if (
+                                !Array.isArray(proxies) ||
+                                proxies.length === 0
+                            ) {
+                                $.error(
+                                    `URL ${url} 不包含有效节点\n不写入自定义缓存 ${$arguments?.cacheKey}`,
+                                );
+                                shouldWriteCustomCacheKey = false;
+                            }
+                        } catch (e) {
+                            $.error(
+                                `URL ${url} 尝试解析节点失败 ${
+                                    e.message ?? e
+                                }\n不写入自定义缓存 ${$arguments?.cacheKey}`,
+                            );
+                            shouldWriteCustomCacheKey = false;
+                        }
+                    }
+                    if (shouldWriteCustomCacheKey) {
+                        $.info(
+                            `URL ${url}\n写入自定义缓存 ${$arguments?.cacheKey}`,
+                        );
+                        $.write(body, customCacheKey);
+                    }
                 }
             }
 

backend/src/utils/flow.js

@@ -334,7 +334,22 @@ export function normalizeFlowHeader(flowHeaders) {
                 if (!kvMap.has(key)) {
                     try {
                         // 解码 URI 组件并保留原始值作为 fallback
-                        const decodedValue = decodeURIComponent(encodedValue);
+                        let decodedValue = decodeURIComponent(encodedValue);
+                        if (
+                            ['upload', 'download', 'total', 'expire'].includes(
+                                key,
+                            )
+                        ) {
+                            try {
+                                decodedValue = Number(decodedValue).toFixed(0);
+                            } catch (e) {
+                                $.error(
+                                    `Failed to convert value for key "${key}=${encodedValue}": ${
+                                        e.message ?? e
+                                    }`,
+                                );
+                            }
+                        }
                         kvMap.set(key, decodedValue);
                     } catch (e) {
                         kvMap.set(key, encodedValue);

backend/src/vendor/open-api.js

@@ -484,6 +484,7 @@ export function HTTP(defaultOptions = { baseURL: '' }) {
                         url: options.url,
                         headers: options.headers,
                         body: options.body,
+                        autoTransformBody: false,
                         options: {
                             Proxy: options.proxy,
                             Timeout: options.timeout

nginx/front.conf

@@ -1,40 +0,0 @@
-upstream api {
-  server 0.0.0.0:3000;
-}
-
-server {
-  listen 6080;  
-#   allow 127.0.0.1;
-#   allow 0.0.0.0;               
-#   deny all; 
-
-  gzip on;
-  gzip_static on;
-  gzip_types text/plain application/json application/javascript application/x-javascript text/css application/xml text/javascript;
-  gzip_proxied  any;
-  gzip_vary on;
-  gzip_comp_level 6;
-  gzip_buffers 16 8k;
-  gzip_http_version 1.0;
-
-  location / {
-    root /Sub-Store/web/dist;
-    index  index.html index.htm;
-    try_files $uri $uri/ /index.html;
-  }
- 
-  location /api {
-    proxy_set_header Host $http_host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_pass http://api;
-  }
-
-  location /download {
-    proxy_set_header Host $http_host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_pass http://api;
-  }
-
-}

scripts/demo.js

@@ -26,7 +26,7 @@ function operator(proxies = [], targetPlatform, context) {
   // 12. 以 Surge 为例, 最新的参数一般我都会跟进, 以 Surge 文档为例, 一些常用的: TUIC/Hysteria 2 的 `ecn`, Snell 的 `reuse` 连接复用, QUIC 策略 block-quic`, Hysteria 2 下载带宽 `down`
   // 13. `test-url` 为测延迟链接, `test-timeout` 为测延迟超时
   // 14. `ports` 为端口跳跃, `hop-interval` 变换端口号的时间间隔
-  // 15. `ip-version` 设置节点使用 IP 版本，可选：dual，ipv4，ipv6，ipv4-prefer，ipv6-prefer. 会进行内部转换, 若无法匹配则使用原始值
+  // 15. `ip-version` 设置节点使用 IP 版本，兼容各家的值. 会进行内部转换. sing-box 以外: 若无法匹配则使用原始值. sing-box: 需有匹配且节点上设置 `_dns_server` 字段, 将自动设置 `domain_resolver.server`
   // 16. `sing-box` 支持使用 `_network` 来设置 `network`, 例如 `tcp`, `udp`
   // 17. `block-quic` 支持 `auto`, `on`, `off`. 不同的平台不一定都支持, 会自动转换
 
@@ -151,6 +151,18 @@ function operator(proxies = [], targetPlatform, context) {
   // });
   // $server.sni = sni
 
+  // 示例: 从 config 文件中读取配置项并进行节点操作
+  // config 的本地内容为
+  // {
+  //   "reuse": false
+  // }
+  // 脚本操作为
+  // const config = (ProxyUtils.JSON5 || JSON).parse(await produceArtifact({
+  //     type: 'file',
+  //     name: 'config' // 文件名
+  // }))
+  // $server.reuse = config.reuse
+
   // 1. Surge 输出 WireGuard 完整配置
 
   // let proxies = await produceArtifact({
@@ -235,14 +247,14 @@ function operator(proxies = [], targetPlatform, context) {
   // 这个历史遗留原因, 是有点复杂. 提供一个例子, 用来取当前脚本所在的组合订阅或单条订阅名称
 
   // let name = ''
-  // for (const [key, value] of Object.entries(env.source)) {
+  // for (const [key, value] of Object.entries(context.source)) {
   //   if (!key.startsWith('_')) {
   //     name = value.displayName || value.name
   //     break
   //   }
   // }
   // if (!name) {
-  //   const collection = env.source._collection
+  //   const collection = context.source._collection
   //   name = collection.displayName || collection.name
   // }