doc: README

feat: 订阅和文件的远程链接支持使用换行混写三种格式 1. 完整远程链接 2. 类似 /api/file/name 的内部文件调用路径 3. 本地文件的绝对路径
fix: 脚本链接为路径时带参解析
2025-07-31 01:52:04 +08:00 · 2025-06-03 16:42:01 +08:00 · 2025-06-03 00:10:45 +08:00 · 2025-06-02 23:17:47 +08:00 · 2025-06-02 20:39:15 +08:00 · 2025-06-01 11:54:32 +08:00
38 changed files with 1047 additions and 311 deletions
--- a/README.md
+++ b/README.md
@ -41,6 +41,9 @@ Core functionalities:
 - [x] Surfboard (SS, VMess, Trojan, HTTP, SOCKS5, SOCKS5-TLS, WireGuard(Surfboard to Surfboard))
 - [x] Clash.Meta (Direct, SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, Hysteria 2, TUIC, SSH, mieru, AnyTLS)
 - [x] Stash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard, Hysteria, TUIC, Juicity, SSH)
+
+Deprecated(The frontend doesn't show it, but the backend still supports it, with the query parameter `target=Clash`):
+
 - [x] Clash (SS, SSR, VMess, Trojan, HTTP, SOCKS5, Snell, VLESS, WireGuard)

 ### Supported Target Platforms
@ -48,7 +51,6 @@ Core functionalities:
 - [x] Plain JSON
 - [x] Stash
 - [x] Clash.Meta(mihomo)
- [x] Clash
 - [x] Surfboard
 - [x] Surge
 - [x] SurgeMac(Use mihomo to support protocols that are not supported by Surge itself)
@ -60,6 +62,10 @@ Core functionalities:
 - [x] V2Ray
 - [x] V2Ray URI

+Deprecated:
+
+- [x] Clash
+
 ## 2. Subscription Formatting

 ### Filtering
@ -122,3 +128,9 @@ This project is under the GPL V3 LICENSE.

 - Special thanks to @KOP-XIAO for his awesome resource-parser. Please give a [star](https://github.com/KOP-XIAO/QuantumultX) for his great work!
 - Special thanks to @Orz-3 and @58xinian for their awesome icons.
+
+## Sponsors
+
+[![image](./support.nodeseek.com_page_promotion_id=8.png)](https://yxvm.com)
+
+[NodeSupport](https://github.com/NodeSeekDev/NodeSupport) sponsored this project.
--- a/backend/package.json
+++ b/backend/package.json
@ -1,6 +1,6 @@
 {
  "name": "sub-store",
-  "version": "2.19.1",
+  "version": "2.19.60",
  "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and Shadowrocket.",
  "main": "src/main.js",
  "scripts": {
--- a/backend/src/core/proxy-utils/index.js
+++ b/backend/src/core/proxy-utils/index.js
@ -1,7 +1,8 @@
+import { Base64 } from 'js-base64';
 import { Buffer } from 'buffer';
 import rs from '@/utils/rs';
 import YAML from '@/utils/yaml';
-import download from '@/utils/download';
+import download, { downloadFile } from '@/utils/download';
 import {
    isIPv4,
    isIPv6,
@ -114,12 +115,7 @@ async function processFn(
        if (item.type.indexOf('Script') !== -1) {
            const { mode, content } = item.args;
            if (mode === 'link') {
-                let noCache;
                let url = content || '';
-                if (url.endsWith('#noCache')) {
-                    url = url.replace(/#noCache$/, '');
-                    noCache = true;
-                }
                // extract link arguments
                const rawArgs = url.split('#');
                if (rawArgs.length > 1) {
@ -138,10 +134,17 @@ async function processFn(
                        }
                    }
                }
-                url = `${url.split('#')[0]}${noCache ? '#noCache' : ''}`;
-                const downloadUrlMatch = url.match(
-                    /^\/api\/(file|module)\/(.+)/,
-                );
+                url = `${url.split('#')[0]}${
+                    rawArgs[2]
+                        ? `#${rawArgs[2]}`
+                        : $arguments?.noCache != null ||
+                          $arguments?.insecure != null
+                        ? `#${rawArgs[1]}`
+                        : ''
+                }`;
+                const downloadUrlMatch = url
+                    .split('#')[0]
+                    .match(/^\/api\/(file|module)\/(.+)/);
                if (downloadUrlMatch) {
                    let type = '';
                    try {
@ -171,6 +174,17 @@ async function processFn(
                        );
                        throw new Error(`无法加载 ${type}: ${url}`);
                    }
+                } else if (url?.startsWith('/')) {
+                    try {
+                        const fs = eval(`require("fs")`);
+                        script = fs.readFileSync(url.split('#')[0], 'utf8');
+                        // $.info(`Script loaded: >>>\n ${script}`);
+                    } catch (err) {
+                        $.error(
+                            `Error when reading local script: ${item.args.content}.\n Reason: ${err}`,
+                        );
+                        throw new Error(`无法从该路径读取脚本文件: ${url}`);
+                    }
                } else {
                    // if this is a remote script, download it
                    try {
@ -328,8 +342,11 @@ export const ProxyUtils = {
    MMDB,
    Gist,
    download,
+    downloadFile,
    isValidUUID,
    doh,
+    Buffer,
+    Base64,
 };

 function tryParse(parser, line) {
@ -613,7 +630,7 @@ function lastParse(proxy) {
        proxy['tls-fingerprint'] = rs.generateFingerprint(caStr);
    }
    if (
-        ['shadowsocks'].includes(proxy.type) &&
+        ['ss'].includes(proxy.type) &&
        isPresent(proxy, 'shadow-tls-password')
    ) {
        proxy.plugin = 'shadow-tls';
--- a/backend/src/core/proxy-utils/parsers/index.js
+++ b/backend/src/core/proxy-utils/parsers/index.js
@ -128,13 +128,13 @@ function URI_SS() {
        // parse url
        let content = line.split('ss://')[1];

+        let name = line.split('#')[1];
        const proxy = {
-            name: decodeURIComponent(line.split('#')[1]),
            type: 'ss',
        };
        content = content.split('#')[0]; // strip proxy name
        // handle IPV4 and IPV6
-        let serverAndPortArray = content.match(/@([^/]*)(\/|$)/);
+        let serverAndPortArray = content.match(/@([^/?]*)(\/|\?|$)/);

        let rawUserInfoStr = decodeURIComponent(content.split('@')[0]); // 其实应该分隔之后, 用户名和密码再 decodeURIComponent. 但是问题不大
        let userInfoStr;
@ -260,6 +260,10 @@ function URI_SS() {
        if (/(&|\?)tfo=(1|true)/i.test(query)) {
            proxy.tfo = true;
        }
+        if (name != null) {
+            name = decodeURIComponent(name);
+        }
+        proxy.name = name ?? `SS ${proxy.server}:${proxy.port}`;
        return proxy;
    };
    return { name, test, parse };
@ -435,7 +439,16 @@ function URI_VMess() {
                type: 'vmess',
                server,
                port,
-                cipher: getIfPresent(params.scy, 'auto'),
+                // https://github.com/2dust/v2rayN/wiki/Description-of-VMess-share-link
+                // https://github.com/XTLS/Xray-core/issues/91
+                cipher: [
+                    'auto',
+                    'aes-128-gcm',
+                    'chacha20-poly1305',
+                    'none',
+                ].includes(params.scy)
+                    ? params.scy
+                    : 'auto',
                uuid: params.id,
                alterId: parseInt(
                    getIfPresent(params.aid ?? params.alterId, 0),
@ -452,8 +465,12 @@ function URI_VMess() {
                );
            }
            // https://github.com/2dust/v2rayN/wiki/%E5%88%86%E4%BA%AB%E9%93%BE%E6%8E%A5%E6%A0%BC%E5%BC%8F%E8%AF%B4%E6%98%8E(ver-2)
-            if (proxy.tls && params.sni && params.sni !== '') {
-                proxy.sni = params.sni;
+            if (proxy.tls) {
+                if (params.sni && params.sni !== '') {
+                    proxy.sni = params.sni;
+                } else if (params.peer && params.peer !== '') {
+                    proxy.sni = params.peer;
+                }
            }
            let httpupgrade = false;
            // handle obfs
@ -465,8 +482,8 @@ function URI_VMess() {
                ['http'].includes(params.type)
            ) {
                proxy.network = 'http';
-            } else if (['grpc'].includes(params.net)) {
-                proxy.network = 'grpc';
+            } else if (['grpc', 'kcp', 'quic'].includes(params.net)) {
+                proxy.network = params.net;
            } else if (
                params.net === 'httpupgrade' ||
                proxy.network === 'httpupgrade'
@ -492,6 +509,11 @@ function URI_VMess() {
                } catch (e) {}
                let transportPath = params.path;

+                // 补上默认 path
+                if (['ws'].includes(proxy.network)) {
+                    transportPath = transportPath || '/';
+                }
+
                if (proxy.network === 'http') {
                    if (transportHost) {
                        // 1)http(tcp)->host中间逗号(,)隔开
@ -511,13 +533,28 @@ function URI_VMess() {
                    }
                }
                // 传输层应该有配置, 暂时不考虑兼容不给配置的节点
-                if (transportPath || transportHost) {
+                if (
+                    transportPath ||
+                    transportHost ||
+                    ['kcp', 'quic'].includes(proxy.network)
+                ) {
                    if (['grpc'].includes(proxy.network)) {
                        proxy[`${proxy.network}-opts`] = {
                            'grpc-service-name': getIfNotBlank(transportPath),
                            '_grpc-type': getIfNotBlank(params.type),
                            '_grpc-authority': getIfNotBlank(params.authority),
                        };
+                    } else if (['kcp', 'quic'].includes(proxy.network)) {
+                        proxy[`${proxy.network}-opts`] = {
+                            [`_${proxy.network}-type`]: getIfNotBlank(
+                                params.type,
+                            ),
+                            [`_${proxy.network}-host`]: getIfNotBlank(
+                                getIfNotBlank(transportHost),
+                            ),
+                            [`_${proxy.network}-path`]:
+                                getIfNotBlank(transportPath),
+                        };
                    } else {
                        const opts = {
                            path: getIfNotBlank(transportPath),
@ -533,6 +570,12 @@ function URI_VMess() {
                    delete proxy.network;
                }
            }
+
+            proxy['client-fingerprint'] = params.fp;
+            proxy.alpn = params.alpn ? params.alpn.split(',') : undefined;
+            // 然而 wiki 和 app 实测中都没有字段表示这个
+            // proxy['skip-cert-verify'] = /(TRUE)|1/i.test(params.allowInsecure);
+
            return proxy;
        }
    };
@ -634,6 +677,9 @@ function URI_VLESS() {
        }
        if (!proxy.network && isShadowrocket && params.obfs) {
            proxy.network = params.obfs;
+            if (['none'].includes(proxy.network)) {
+                proxy.network = 'tcp';
+            }
        }
        if (['websocket'].includes(proxy.network)) {
            proxy.network = 'ws';
@ -736,6 +782,8 @@ function URI_AnyTLS() {
                proxy[key] = value ? value.split(',') : undefined;
            } else if (['insecure'].includes(key)) {
                proxy['skip-cert-verify'] = /(TRUE)|1/i.test(value);
+            } else if (['udp'].includes(key)) {
+                proxy[key] = /(TRUE)|1/i.test(value);
            } else {
                proxy[key] = value;
            }
@ -954,6 +1002,9 @@ function URI_TUIC() {
                proxy.tfo = true;
            } else if (['disable-sni', 'reduce-rtt'].includes(key)) {
                proxy[key] = /(TRUE)|1/i.test(value);
+            } else if (key === 'congestion-control') {
+                proxy['congestion-controller'] = value;
+                delete proxy[key];
            } else {
                proxy[key] = value;
            }
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.js
@ -39,12 +39,12 @@ start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/socks5/hysteria2
    return proxy;
 }

-shadowsocksr = tag equals "shadowsocksr"i address method password (ssr_protocol/ssr_protocol_param/obfs_ssr/obfs_ssr_param/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/others)*{
+shadowsocksr = tag equals "shadowsocksr"i address method password (ssr_protocol/ssr_protocol_param/obfs_ssr/obfs_ssr_param/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/block_quic/others)*{
    proxy.type = "ssr";
    // handle ssr obfs
    proxy.obfs = obfs.type;
 }
-shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs_hostv)? (obfs_ss/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/others)* {
+shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs_hostv)? (obfs_ss/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/block_quic/others)* {
    proxy.type = "ss";
    // handle ss obfs
    if (obfs.type == "http" || obfs.type === "tls") {
@ -54,31 +54,31 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
        $set(proxy, "plugin-opts.path", obfs.path);
    }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/ip_mode/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/ip_mode/public_key/short_id/block_quic/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/flow/public_key/short_id/block_quic/others)* {
    proxy.type = "vless";
    handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "trojan";
    handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/ip_mode/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/ip_mode/block_quic/others)* {
    proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "http";
    proxy.tls = true;
 }
-http = tag equals "http"i address (username password)? (fast_open/udp_relay/ip_mode/others)* {
+http = tag equals "http"i address (username password)? (fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "http";
 }
-socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "socks5";
 }

@ -180,6 +180,10 @@ tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-
 tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }

+flow = comma "flow" equals match:[^,]+ { proxy["flow"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+public_key = comma "public-key" equals match:[^,]+ { proxy["reality-opts"] = proxy["reality-opts"] || {}; proxy["reality-opts"]["public-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+short_id = comma "short-id" equals match:[^,]+ { proxy["reality-opts"] = proxy["reality-opts"] || {}; proxy["reality-opts"]["short-id"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
 ip_mode = comma "ip-mode" equals match:[^,]+ { proxy["ip-version"] = match.join(""); }
@ -188,6 +192,8 @@ ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
 salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }

+block_quic = comma "block-quic" equals flag:bool { if(flag) proxy["block-quic"] = "on"; else proxy["block-quic"] = "off"; }
+
 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _
 equals = _ "=" _
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.peg
@ -37,12 +37,12 @@ start = (shadowsocksr/shadowsocks/vmess/vless/trojan/https/http/socks5/hysteria2
    return proxy;
 }

-shadowsocksr = tag equals "shadowsocksr"i address method password (ssr_protocol/ssr_protocol_param/obfs_ssr/obfs_ssr_param/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/others)*{
+shadowsocksr = tag equals "shadowsocksr"i address method password (ssr_protocol/ssr_protocol_param/obfs_ssr/obfs_ssr_param/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/block_quic/others)*{
    proxy.type = "ssr";
    // handle ssr obfs
    proxy.obfs = obfs.type;
 }
-shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs_hostv)? (obfs_ss/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/others)* {
+shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs_hostv)? (obfs_ss/obfs_host/obfs_uri/fast_open/udp_relay/udp_port/shadow_tls_version/shadow_tls_sni/shadow_tls_password/ip_mode/block_quic/others)* {
    proxy.type = "ss";
    // handle ss obfs
    if (obfs.type == "http" || obfs.type === "tls") {
@ -52,31 +52,31 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_typev obfs
        $set(proxy, "plugin-opts.path", obfs.path);
    }
 }
-vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/ip_mode/others)* {
+vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/vmess_alterId/fast_open/udp_relay/ip_mode/public_key/short_id/block_quic/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
-vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+vless = tag equals "vless"i address uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/flow/public_key/short_id/block_quic/others)* {
    proxy.type = "vless";
    handleTransport();
 }
-trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+trojan = tag equals "trojan"i address password (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "trojan";
    handleTransport();
 }
-hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/ip_mode/others)* {
+hysteria2 = tag equals "hysteria2"i address password (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/udp_relay/fast_open/download_bandwidth/salamander_password/ecn/ip_mode/block_quic/others)* {
    proxy.type = "hysteria2";
 }
-https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+https = tag equals "https"i address (username password)? (tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "http";
    proxy.tls = true;
 }
-http = tag equals "http"i address (username password)? (fast_open/udp_relay/ip_mode/others)* {
+http = tag equals "http"i address (username password)? (fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "http";
 }
-socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/others)* {
+socks5 = tag equals "socks5"i address (username password)? (over_tls/tls_host/tls_verification/tls_cert_sha256/tls_pubkey_sha256/fast_open/udp_relay/ip_mode/block_quic/others)* {
    proxy.type = "socks5";
 }

@ -178,6 +178,10 @@ tls_verification = comma "skip-cert-verify" equals flag:bool { proxy["skip-cert-
 tls_cert_sha256 = comma "tls-cert-sha256" equals match:[^,]+ { proxy["tls-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 tls_pubkey_sha256 = comma "tls-pubkey-sha256" equals match:[^,]+ { proxy["tls-pubkey-sha256"] = match.join("").replace(/^"(.*)"$/, '$1'); }

+flow = comma "flow" equals match:[^,]+ { proxy["flow"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+public_key = comma "public-key" equals match:[^,]+ { proxy["reality-opts"] = proxy["reality-opts"] || {}; proxy["reality-opts"]["public-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+short_id = comma "short-id" equals match:[^,]+ { proxy["reality-opts"] = proxy["reality-opts"] || {}; proxy["reality-opts"]["short-id"] = match.join("").replace(/^"(.*)"$/, '$1'); }
+
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }
 udp_relay = comma "udp" equals flag:bool { proxy.udp = flag; }
 ip_mode = comma "ip-mode" equals match:[^,]+ { proxy["ip-version"] = match.join(""); }
@ -186,6 +190,8 @@ ecn = comma "ecn" equals flag:bool { proxy.ecn = flag; }
 download_bandwidth = comma "download-bandwidth" equals match:[^,]+ { proxy.down = match.join(""); }
 salamander_password = comma "salamander-password" equals match:[^,]+ { proxy['obfs-password'] = match.join(""); proxy.obfs = 'salamander'; }

+block_quic = comma "block-quic" equals flag:bool { if(flag) proxy["block-quic"] = "on"; else proxy["block-quic"] = "off"; }
+
 tag = match:[^=,]* { proxy.name = match.join("").trim(); }
 comma = _ "," _
 equals = _ "=" _
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.js
@ -49,7 +49,7 @@ trojan = "trojan" equals address
 }

 shadowsocks = "shadowsocks" equals address
-    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
+    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp_new/fast_open/tag/server_check_url/others)* {
    if (proxy.protocol || proxy.type === "ssr") {
        proxy.type = "ssr";
        if (!proxy.protocol) {
@ -86,10 +86,10 @@ vmess = "vmess" equals address
    (uuid/method/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/server_check_url/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
-    if (proxy.aead) {
-        proxy.alterId = 0;
+    if (proxy.aead === false) {
+        proxy.alterId = 1;
    } else {
-        proxy.alterId = proxy.alterId || 0;
+        proxy.alterId = 0;
    }
    handleObfs();
 }
@ -145,18 +145,20 @@ port = digits:[0-9]+ {
    }
 }

-username = comma "username" equals username:[^=,]+ { proxy.username = username.join("").trim(); }
-password = comma "password" equals password:[^=,]+ { proxy.password = password.join("").trim(); }
-uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim(); }
+username = comma "username" equals username:[^,]+ { proxy.username = username.join("").trim(); }
+password = comma "password" equals password:[^,]+ { proxy.password = password.join("").trim(); }
+uuid = comma "password" equals uuid:[^,]+ { proxy.uuid = uuid.join("").trim(); }

 method = comma "method" equals cipher:cipher { 
    proxy.cipher = cipher;
 };
-cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }

 udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
 udp_over_tcp = comma "udp-over-tcp" equals flag:bool { throw new Error("UDP over TCP is not supported"); }
+udp_over_tcp_new = comma "udp-over-tcp" equals param:$[^=,]+ { if (param === "sp.v1") { proxy["udp-over-tcp"] = true; proxy["udp-over-tcp-version"] = 1; } else if (param === "sp.v2") { proxy["udp-over-tcp"] = true; proxy["udp-over-tcp-version"] = 2; } else if (param === "true") { proxy["_ssr_python_uot"] = true; } else { throw new Error("Invalid value for udp-over-tcp"); } }
+
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }

 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.peg
@ -47,7 +47,7 @@ trojan = "trojan" equals address
 }

 shadowsocks = "shadowsocks" equals address
-    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp/fast_open/tag/server_check_url/others)* {
+    (password/method/obfs_ssr/obfs_ss/obfs_host/obfs_uri/ssr_protocol/ssr_protocol_param/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/udp_relay/udp_over_tcp_new/fast_open/tag/server_check_url/others)* {
    if (proxy.protocol || proxy.type === "ssr") {
        proxy.type = "ssr";
        if (!proxy.protocol) {
@ -84,10 +84,10 @@ vmess = "vmess" equals address
    (uuid/method/over_tls/tls_host/tls_pubkey_sha256/tls_alpn/tls_no_session_ticket/tls_no_session_reuse/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/server_check_url/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
-    if (proxy.aead) {
-        proxy.alterId = 0;
+    if (proxy.aead === false) {
+        proxy.alterId = 1;
    } else {
-        proxy.alterId = proxy.alterId || 0;
+        proxy.alterId = 0;
    }
    handleObfs();
 }
@ -143,18 +143,20 @@ port = digits:[0-9]+ {
    }
 }

-username = comma "username" equals username:[^=,]+ { proxy.username = username.join("").trim(); }
-password = comma "password" equals password:[^=,]+ { proxy.password = password.join("").trim(); }
-uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim(); }
+username = comma "username" equals username:[^,]+ { proxy.username = username.join("").trim(); }
+password = comma "password" equals password:[^,]+ { proxy.password = password.join("").trim(); }
+uuid = comma "password" equals uuid:[^,]+ { proxy.uuid = uuid.join("").trim(); }

 method = comma "method" equals cipher:cipher { 
    proxy.cipher = cipher;
 };
-cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305");
+cipher = ("aes-128-cfb"/"aes-128-ctr"/"aes-128-gcm"/"aes-192-cfb"/"aes-192-ctr"/"aes-192-gcm"/"aes-256-cfb"/"aes-256-ctr"/"aes-256-gcm"/"bf-cfb"/"cast5-cfb"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"des-cfb"/"none"/"rc2-cfb"/"rc4-md5-6"/"rc4-md5"/"salsa20"/"xchacha20-ietf-poly1305"/"2022-blake3-aes-128-gcm"/"2022-blake3-aes-256-gcm");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }

 udp_relay = comma "udp-relay" equals flag:bool { proxy.udp = flag; }
 udp_over_tcp = comma "udp-over-tcp" equals flag:bool { throw new Error("UDP over TCP is not supported"); }
+udp_over_tcp_new = comma "udp-over-tcp" equals param:$[^=,]+ { if (param === "sp.v1") { proxy["udp-over-tcp"] = true; proxy["udp-over-tcp-version"] = 1; } else if (param === "sp.v2") { proxy["udp-over-tcp"] = true; proxy["udp-over-tcp-version"] = 2; } else if (param === "true") { proxy["_ssr_python_uot"] = true; } else { throw new Error("Invalid value for udp-over-tcp"); } }
+
 fast_open = comma "fast-open" equals flag:bool { proxy.tfo = flag; }

 over_tls = comma "over-tls" equals flag:bool { proxy.tls = flag; }
--- a/backend/src/core/proxy-utils/parsers/peggy/surge.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/surge.js
@ -55,10 +55,11 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
 vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/tfo/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
+    // Surfboard 与 Surge 默认不一致, 不管 Surfboard https://getsurfboard.com/docs/profile-format/proxy/external-proxy/vmess
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
-        proxy.alterId = proxy.alterId || 0;
+        proxy.alterId = 1;
    }
    handleWebsocket();
    handleShadowTLS();
--- a/backend/src/core/proxy-utils/parsers/peggy/surge.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/surge.peg
@ -53,10 +53,11 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
 vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/tls/sni/tls_fingerprint/tls_verification/fast_open/tfo/udp_relay/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
    proxy.type = "vmess";
    proxy.cipher = proxy.cipher || "none";
+    // Surfboard 与 Surge 默认不一致, 不管 Surfboard https://getsurfboard.com/docs/profile-format/proxy/external-proxy/vmess
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
-        proxy.alterId = proxy.alterId || 0;
+        proxy.alterId = 1;
    }
    handleWebsocket();
    handleShadowTLS();
--- a/backend/src/core/proxy-utils/preprocessors/index.js
+++ b/backend/src/core/proxy-utils/preprocessors/index.js
@ -50,6 +50,26 @@ function Base64Encoded() {
    return { name, test, parse };
 }

+function fallbackBase64Encoded() {
+    const name = 'Fallback Base64 Pre-processor';
+
+    const test = function (raw) {
+        return true;
+    };
+    const parse = function (raw) {
+        const decoded = Base64.decode(raw);
+        if (!/^\w+(:\/\/|\s*?=\s*?)\w+/m.test(decoded)) {
+            $.error(
+                `Fallback Base64 Pre-processor error: decoded line does not start with protocol`,
+            );
+            return raw;
+        }
+
+        return decoded;
+    };
+    return { name, test, parse };
+}
+
 function Clash() {
    const name = 'Clash Pre-processor';
    const test = function (raw) {
@ -163,4 +183,11 @@ function FullConfig() {
    return { name, test, parse };
 }

-export default [HTML(), Clash(), Base64Encoded(), SSD(), FullConfig()];
+export default [
+    HTML(),
+    Clash(),
+    Base64Encoded(),
+    SSD(),
+    FullConfig(),
+    fallbackBase64Encoded(),
+];
--- a/backend/src/core/proxy-utils/processors/index.js
+++ b/backend/src/core/proxy-utils/processors/index.js
@ -284,7 +284,15 @@ function SortOperator(order = 'asc') {
 }

 // sort by regex
-function RegexSortOperator(expressions) {
+function RegexSortOperator(input) {
+    const order = input.order || 'asc';
+    let expressions = input.expressions;
+    if (Array.isArray(input)) {
+        expressions = input;
+    }
+    if (!Array.isArray(expressions)) {
+        expressions = [];
+    }
    return {
        name: 'Regex Sort Operator',
        func: (proxies) => {
@ -295,8 +303,13 @@ function RegexSortOperator(expressions) {
                if (oA && !oB) return -1;
                if (oB && !oA) return 1;
                if (oA && oB) return oA < oB ? -1 : 1;
-                if ((!oA && !oB) || (oA && oB && oA === oB))
-                    return a.name < b.name ? -1 : 1; // fallback to normal sort
+                if (order === 'original') {
+                    return 0;
+                } else if (order === 'desc') {
+                    return a.name < b.name ? 1 : -1;
+                } else {
+                    return a.name < b.name ? -1 : 1;
+                }
            });
        },
    };
@ -1128,6 +1141,10 @@ function createDynamicFunction(name, script, $arguments, $options) {
            '$httpClient',
            '$notification',
            'ProxyUtils',
+            'yaml',
+            'Buffer',
+            'b64d',
+            'b64e',
            'scriptResourceCache',
            'flowUtils',
            'produceArtifact',
@ -1145,6 +1162,10 @@ function createDynamicFunction(name, script, $arguments, $options) {
            // eslint-disable-next-line no-undef
            $notification,
            ProxyUtils,
+            ProxyUtils.yaml,
+            ProxyUtils.Buffer,
+            ProxyUtils.Base64.decode,
+            ProxyUtils.Base64.encode,
            scriptResourceCache,
            flowUtils,
            produceArtifact,
@ -1157,6 +1178,10 @@ function createDynamicFunction(name, script, $arguments, $options) {
            '$substore',
            'lodash',
            'ProxyUtils',
+            'yaml',
+            'Buffer',
+            'b64d',
+            'b64e',
            'scriptResourceCache',
            'flowUtils',
            'produceArtifact',
@ -1168,6 +1193,10 @@ function createDynamicFunction(name, script, $arguments, $options) {
            $,
            lodash,
            ProxyUtils,
+            ProxyUtils.yaml,
+            ProxyUtils.Buffer,
+            ProxyUtils.Base64.decode,
+            ProxyUtils.Base64.encode,
            scriptResourceCache,
            flowUtils,
            produceArtifact,
--- a/backend/src/core/proxy-utils/producers/clash.js
+++ b/backend/src/core/proxy-utils/producers/clash.js
@ -1,4 +1,5 @@
 import { isPresent } from '@/core/proxy-utils/producers/utils';
+import $ from '@/core/app';

 export default function Clash_Producer() {
    const type = 'ALL';
@ -46,6 +47,11 @@ export default function Clash_Producer() {
                            proxy['reality-opts']))
                ) {
                    return false;
+                } else if (proxy['underlying-proxy'] || proxy['dialer-proxy']) {
+                    $.error(
+                        `Clash 不支持前置代理字段. 已过滤节点 ${proxy.name}`,
+                    );
+                    return false;
                }
                return true;
            })
@ -152,11 +158,6 @@ export default function Clash_Producer() {
                }
                delete proxy['tls-fingerprint'];

-                if (proxy['underlying-proxy']) {
-                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
-                }
-                delete proxy['underlying-proxy'];
-
                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
                    delete proxy.tls;
                }
--- a/backend/src/core/proxy-utils/producers/loon.js
+++ b/backend/src/core/proxy-utils/producers/loon.js
@ -21,9 +21,9 @@ export default function Loon_Producer() {
            case 'trojan':
                return trojan(proxy);
            case 'vmess':
-                return vmess(proxy);
+                return vmess(proxy, opts['include-unsupported-proxy']);
            case 'vless':
-                return vless(proxy);
+                return vless(proxy, opts['include-unsupported-proxy']);
            case 'http':
                return http(proxy);
            case 'socks5':
@ -133,6 +133,13 @@ function shadowsocks(proxy) {
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -144,7 +151,7 @@ function shadowsocks(proxy) {
    return result.toString();
 }

-function shadowsocksr(proxy, includeUnsupportedProxy) {
+function shadowsocksr(proxy) {
    const result = new Result(proxy);
    result.append(
        `${proxy.name}=shadowsocksr,${proxy.server},${proxy.port},${proxy.cipher},"${proxy.password}"`,
@ -203,6 +210,13 @@ function shadowsocksr(proxy, includeUnsupportedProxy) {
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -259,6 +273,13 @@ function trojan(proxy) {
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -270,6 +291,8 @@ function trojan(proxy) {
 }

 function vmess(proxy) {
+    const isReality = !!proxy['reality-opts'];
+
    const result = new Result(proxy);
    result.append(
        `${proxy.name}=vmess,${proxy.server},${proxy.port},${proxy.cipher},"${proxy.uuid}"`,
@ -317,20 +340,32 @@ function vmess(proxy) {
        'skip-cert-verify',
    );

-    // sni
-    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
-    result.appendIfPresent(
-        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
-        'tls-fingerprint',
-    );
-    result.appendIfPresent(
-        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
-        'tls-pubkey-sha256',
-    );
+    if (isReality) {
+        result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+        result.appendIfPresent(
+            `,public-key="${proxy['reality-opts']['public-key']}"`,
+            'reality-opts.public-key',
+        );
+        result.appendIfPresent(
+            `,short-id=${proxy['reality-opts']['short-id']}`,
+            'reality-opts.short-id',
+        );
+    } else {
+        // sni
+        result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+        result.appendIfPresent(
+            `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+            'tls-fingerprint',
+        );
+        result.appendIfPresent(
+            `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+            'tls-pubkey-sha256',
+        );
+    }

    // AEAD
    if (isPresent(proxy, 'aead')) {
-        result.append(`,alterId=0`);
+        result.append(`,alterId=${proxy.aead ? 0 : 1}`);
    } else {
        result.append(`,alterId=${proxy.alterId}`);
    }
@ -338,6 +373,13 @@ function vmess(proxy) {
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -348,9 +390,17 @@ function vmess(proxy) {
 }

 function vless(proxy) {
-    if (typeof proxy.flow !== 'undefined' || proxy['reality-opts']) {
-        throw new Error(`VLESS XTLS/REALITY is not supported`);
+    let isXtls = false;
+    const isReality = !!proxy['reality-opts'];
+
+    if (typeof proxy.flow !== 'undefined') {
+        if (['xtls-rprx-vision'].includes(proxy.flow)) {
+            isXtls = true;
+        } else {
+            throw new Error(`VLESS flow(${proxy.flow}) is not supported`);
+        }
    }
+
    const result = new Result(proxy);
    result.append(
        `${proxy.name}=vless,${proxy.server},${proxy.port},"${proxy.uuid}"`,
@ -398,20 +448,42 @@ function vless(proxy) {
        'skip-cert-verify',
    );

-    // sni
-    result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
-    result.appendIfPresent(
-        `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
-        'tls-fingerprint',
-    );
-    result.appendIfPresent(
-        `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
-        'tls-pubkey-sha256',
-    );
+    if (isXtls) {
+        result.appendIfPresent(`,flow=${proxy.flow}`, 'flow');
+    }
+    if (isReality) {
+        result.appendIfPresent(`,sni=${proxy.sni}`, 'sni');
+        result.appendIfPresent(
+            `,public-key="${proxy['reality-opts']['public-key']}"`,
+            'reality-opts.public-key',
+        );
+        result.appendIfPresent(
+            `,short-id=${proxy['reality-opts']['short-id']}`,
+            'reality-opts.short-id',
+        );
+    } else {
+        // sni
+        result.appendIfPresent(`,tls-name=${proxy.sni}`, 'sni');
+        result.appendIfPresent(
+            `,tls-cert-sha256=${proxy['tls-fingerprint']}`,
+            'tls-fingerprint',
+        );
+        result.appendIfPresent(
+            `,tls-pubkey-sha256=${proxy['tls-pubkey-sha256']}`,
+            'tls-pubkey-sha256',
+        );
+    }

    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -439,6 +511,14 @@ function http(proxy) {

    // tfo
    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');
+
+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
    result.appendIfPresent(`,ip-mode=${ip_version}`, 'ip-version');

@ -465,6 +545,13 @@ function socks5(proxy) {
    // tfo
    result.appendIfPresent(`,tfo=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
@ -539,6 +626,13 @@ function wireguard(proxy) {
    const ip_version = ipVersions[proxy['ip-version']] || proxy['ip-version'];
    result.appendIfPresent(`,ip-mode=${ip_version}`, 'ip-version');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    return result.toString();
 }

@ -573,6 +667,13 @@ function hysteria2(proxy) {
    // tfo
    result.appendIfPresent(`,fast-open=${proxy.tfo}`, 'tfo');

+    // block-quic
+    if (proxy['block-quic'] === 'on') {
+        result.append(',block-quic=true');
+    } else if (proxy['block-quic'] === 'off') {
+        result.append(',block-quic=false');
+    }
+
    // udp
    if (proxy.udp) {
        result.append(`,udp=true`);
--- a/backend/src/core/proxy-utils/producers/qx.js
+++ b/backend/src/core/proxy-utils/producers/qx.js
@ -58,6 +58,8 @@ function shadowsocks(proxy) {
            'aes-256-gcm',
            'chacha20-ietf-poly1305',
            'xchacha20-ietf-poly1305',
+            '2022-blake3-aes-128-gcm',
+            '2022-blake3-aes-256-gcm',
        ].includes(proxy.cipher)
    ) {
        throw new Error(`cipher ${proxy.cipher} is not supported`);
@ -128,6 +130,20 @@ function shadowsocks(proxy) {
    // udp
    appendIfPresent(`,udp-relay=${proxy.udp}`, 'udp');

+    // udp over tcp
+    if (proxy['_ssr_python_uot']) {
+        append(`,udp-over-tcp=true`);
+    } else if (proxy['udp-over-tcp']) {
+        if (
+            !proxy['udp-over-tcp-version'] ||
+            proxy['udp-over-tcp-version'] === 1
+        ) {
+            append(`,udp-over-tcp=sp.v1`);
+        } else if (proxy['udp-over-tcp-version'] === 2) {
+            append(`,udp-over-tcp=sp.v2`);
+        }
+    }
+
    // server_check_url
    result.appendIfPresent(
        `,server_check_url=${proxy['test-url']}`,
@ -389,6 +405,8 @@ function vless(proxy) {
            else append(`,obfs=ws`);
        } else if (proxy.network === 'http') {
            append(`,obfs=http`);
+        } else if (['tcp'].includes(proxy.network)) {
+            if (proxy.tls) append(`,obfs=over-tls`);
        } else if (!['tcp'].includes(proxy.network)) {
            throw new Error(`network ${proxy.network} is unsupported`);
        }
--- a/backend/src/core/proxy-utils/producers/shadowrocket.js
+++ b/backend/src/core/proxy-utils/producers/shadowrocket.js
@ -1,4 +1,5 @@
 import { isPresent } from '@/core/proxy-utils/producers/utils';
+import $ from '@/core/app';

 export default function Shadowrocket_Producer() {
    const type = 'ALL';
@ -8,7 +9,7 @@ export default function Shadowrocket_Producer() {
                if (opts['include-unsupported-proxy']) return true;
                if (proxy.type === 'snell' && String(proxy.version) === '4') {
                    return false;
-                } else if (['mieru', 'anytls'].includes(proxy.type)) {
+                } else if (['mieru'].includes(proxy.type)) {
                    return false;
                }
                return true;
--- a/backend/src/core/proxy-utils/producers/sing-box.js
+++ b/backend/src/core/proxy-utils/producers/sing-box.js
@ -31,6 +31,21 @@ const smuxParser = (smux, proxy) => {
    if (smux['min-streams'])
        proxy.multiplex.min_streams = parseInt(`${smux['min-streams']}`, 10);
    if (smux.padding) proxy.multiplex.padding = true;
+    if (smux['brutal-opts']?.up || smux['brutal-opts']?.down) {
+        proxy.multiplex.brutal = {
+            enabled: true,
+        };
+        if (smux['brutal-opts']?.up)
+            proxy.multiplex.brutal.up_mbps = parseInt(
+                `${smux['brutal-opts']?.up}`,
+                10,
+            );
+        if (smux['brutal-opts']?.down)
+            proxy.multiplex.brutal.down_mbps = parseInt(
+                `${smux['brutal-opts']?.down}`,
+                10,
+            );
+    }
 };

 const wsParser = (proxy, parsedProxy) => {
@ -359,7 +374,16 @@ const ssParser = (proxy = {}) => {
    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
        throw 'invalid port';
    if (proxy.uot) parsedProxy.udp_over_tcp = true;
-    if (proxy['udp-over-tcp']) parsedProxy.udp_over_tcp = true;
+    if (proxy['udp-over-tcp']) {
+        parsedProxy.udp_over_tcp = {
+            enabled: true,
+            version:
+                !proxy['udp-over-tcp-version'] ||
+                proxy['udp-over-tcp-version'] === 1
+                    ? 1
+                    : 2,
+        };
+    }
    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
    networkParser(proxy, parsedProxy);
    tfoParser(proxy, parsedProxy);
@ -495,6 +519,7 @@ const vlessParser = (proxy = {}) => {
    };
    if (parsedProxy.server_port < 0 || parsedProxy.server_port > 65535)
        throw 'invalid port';
+    if (proxy.xudp) parsedProxy.packet_encoding = 'xudp';
    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
    if (proxy.flow === 'xtls-rprx-vision') parsedProxy.flow = proxy.flow;
    if (proxy.network === 'ws') wsParser(proxy, parsedProxy);
@ -543,12 +568,13 @@ const hysteriaParser = (proxy = {}) => {
    if (proxy['fast-open']) parsedProxy.udp_fragment = true;
    // eslint-disable-next-line no-control-regex
    const reg = new RegExp('^[0-9]+[ \t]*[KMGT]*[Bb]ps$');
-    if (reg.test(`${proxy.up}`)) {
+    // sing-box 跟文档不一致, 但是懒得全转, 只处理最常见的 Mbps
+    if (reg.test(`${proxy.up}`) && !`${proxy.up}`.endsWith('Mbps')) {
        parsedProxy.up = `${proxy.up}`;
    } else {
        parsedProxy.up_mbps = parseInt(`${proxy.up}`, 10);
    }
-    if (reg.test(`${proxy.down}`)) {
+    if (reg.test(`${proxy.down}`) && !`${proxy.down}`.endsWith('Mbps')) {
        parsedProxy.down = `${proxy.down}`;
    } else {
        parsedProxy.down_mbps = parseInt(`${proxy.down}`, 10);
@ -575,7 +601,7 @@ const hysteriaParser = (proxy = {}) => {
    smuxParser(proxy.smux, parsedProxy);
    return parsedProxy;
 };
-const hysteria2Parser = (proxy = {}, includeUnsupportedProxy) => {
+const hysteria2Parser = (proxy = {}) => {
    const parsedProxy = {
        tag: proxy.name,
        type: 'hysteria2',
--- a/backend/src/core/proxy-utils/producers/stash.js
+++ b/backend/src/core/proxy-utils/producers/stash.js
@ -1,4 +1,5 @@
 import { isPresent } from '@/core/proxy-utils/producers/utils';
+import $ from '@/core/app';

 export default function Stash_Producer() {
    const type = 'ALL';
@ -39,21 +40,20 @@ export default function Stash_Producer() {
                            'xchacha20',
                            'chacha20-ietf-poly1305',
                            'xchacha20-ietf-poly1305',
-                            ...(opts['include-unsupported-proxy']
-                                ? [
-                                      '2022-blake3-aes-128-gcm',
-                                      '2022-blake3-aes-256-gcm',
-                                  ]
-                                : []),
+                            '2022-blake3-aes-128-gcm',
+                            '2022-blake3-aes-256-gcm',
                        ].includes(proxy.cipher)) ||
                    (proxy.type === 'snell' && String(proxy.version) === '4') ||
-                    (opts['include-unsupported-proxy']
-                        ? proxy.type === 'vless' &&
-                          proxy['reality-opts'] &&
-                          !['xtls-rprx-vision'].includes(proxy.flow)
-                        : proxy.type === 'vless' && proxy['reality-opts'])
+                    (proxy.type === 'vless' &&
+                        proxy['reality-opts'] &&
+                        !['xtls-rprx-vision'].includes(proxy.flow))
                ) {
                    return false;
+                } else if (proxy['underlying-proxy'] || proxy['dialer-proxy']) {
+                    $.error(
+                        `Stash 暂不支持前置代理字段. 已过滤节点 ${proxy.name}. 请使用 代理的转发链 https://stash.wiki/proxy-protocols/proxy-groups#relay`,
+                    );
+                    return false;
                }
                return true;
            })
@ -261,11 +261,6 @@ export default function Stash_Producer() {
                }
                delete proxy['tls-fingerprint'];

-                if (proxy['underlying-proxy']) {
-                    proxy['dialer-proxy'] = proxy['underlying-proxy'];
-                }
-                delete proxy['underlying-proxy'];
-
                if (isPresent(proxy, 'tls') && typeof proxy.tls !== 'boolean') {
                    delete proxy.tls;
                }
--- a/backend/src/core/proxy-utils/producers/uri.js
+++ b/backend/src/core/proxy-utils/producers/uri.js
@ -12,7 +12,7 @@ export default function URI_Producer() {
        delete proxy.resolved;
        delete proxy['no-resolve'];
        for (const key in proxy) {
-            if (proxy[key] == null || /^_/i.test(key)) {
+            if (proxy[key] == null) {
                delete proxy[key];
            }
        }
@ -33,7 +33,9 @@ export default function URI_Producer() {
        switch (proxy.type) {
            case 'socks5':
                result = `socks://${encodeURIComponent(
-                    Base64.encode(`${proxy.username}:${proxy.password}`),
+                    Base64.encode(
+                        `${proxy.username ?? ''}:${proxy.password ?? ''}`,
+                    ),
                )}@${proxy.server}:${proxy.port}#${proxy.name}`;
                break;
            case 'ss':
@ -117,12 +119,17 @@ export default function URI_Producer() {
                    v: '2',
                    ps: proxy.name,
                    add: proxy.server,
-                    port: proxy.port,
+                    port: `${proxy.port}`,
                    id: proxy.uuid,
-                    type,
-                    aid: proxy.alterId || 0,
+                    aid: `${proxy.alterId || 0}`,
+                    scy: proxy.cipher,
                    net,
+                    type,
                    tls: proxy.tls ? 'tls' : '',
+                    alpn: Array.isArray(proxy.alpn)
+                        ? proxy.alpn.join(',')
+                        : proxy.alpn,
+                    fp: proxy['client-fingerprint'],
                };
                if (proxy.tls && proxy.sni) {
                    result.sni = proxy.sni;
@ -133,16 +140,7 @@ export default function URI_Producer() {
                        proxy[`${proxy.network}-opts`]?.path;
                    let vmessTransportHost =
                        proxy[`${proxy.network}-opts`]?.headers?.Host;
-                    if (vmessTransportPath) {
-                        result.path = Array.isArray(vmessTransportPath)
-                            ? vmessTransportPath[0]
-                            : vmessTransportPath;
-                    }
-                    if (vmessTransportHost) {
-                        result.host = Array.isArray(vmessTransportHost)
-                            ? vmessTransportHost[0]
-                            : vmessTransportHost;
-                    }
+
                    if (['grpc'].includes(proxy.network)) {
                        result.path =
                            proxy[`${proxy.network}-opts`]?.[
@ -154,6 +152,31 @@ export default function URI_Producer() {
                            'gun';
                        result.host =
                            proxy[`${proxy.network}-opts`]?.['_grpc-authority'];
+                    } else if (['kcp', 'quic'].includes(proxy.network)) {
+                        // https://github.com/XTLS/Xray-core/issues/91
+                        result.type =
+                            proxy[`${proxy.network}-opts`]?.[
+                                `_${proxy.network}-type`
+                            ] || 'none';
+                        result.host =
+                            proxy[`${proxy.network}-opts`]?.[
+                                `_${proxy.network}-host`
+                            ];
+                        result.path =
+                            proxy[`${proxy.network}-opts`]?.[
+                                `_${proxy.network}-path`
+                            ];
+                    } else {
+                        if (vmessTransportPath) {
+                            result.path = Array.isArray(vmessTransportPath)
+                                ? vmessTransportPath[0]
+                                : vmessTransportPath;
+                        }
+                        if (vmessTransportHost) {
+                            result.host = Array.isArray(vmessTransportHost)
+                                ? vmessTransportHost[0]
+                                : vmessTransportHost;
+                        }
                    }
                }
                result = 'vmess://' + Base64.encode(JSON.stringify(result));
@ -478,7 +501,7 @@ export default function URI_Producer() {
                            hysteriaParams.push(`obfsParam=${proxy[key]}`);
                        } else if (['sni'].includes(key)) {
                            hysteriaParams.push(`peer=${proxy[key]}`);
-                        } else if (proxy[key]) {
+                        } else if (proxy[key] && !/^_/i.test(key)) {
                            hysteriaParams.push(
                                `${i}=${encodeURIComponent(proxy[key])}`,
                            );
@ -535,7 +558,13 @@ export default function URI_Producer() {
                                proxy[key]
                            ) {
                                tuicParams.push(`${i.replace(/-/g, '_')}=1`);
-                            } else if (proxy[key]) {
+                            } else if (
+                                ['congestion-controller'].includes(key)
+                            ) {
+                                tuicParams.push(
+                                    `congestion_control=${proxy[key]}`,
+                                );
+                            } else if (proxy[key] && !/^_/i.test(key)) {
                                tuicParams.push(
                                    `${i.replace(
                                        /-/g,
@ -583,7 +612,11 @@ export default function URI_Producer() {
                            if (proxy[key]) {
                                anytlsParams.push(`insecure=1`);
                            }
-                        } else if (proxy[key]) {
+                        } else if (['udp'].includes(key)) {
+                            if (proxy[key]) {
+                                anytlsParams.push(`udp=1`);
+                            }
+                        } else if (proxy[key] && !/^_/i.test(key)) {
                            anytlsParams.push(
                                `${i.replace(/-/g, '_')}=${encodeURIComponent(
                                    proxy[key],
@ -620,7 +653,7 @@ export default function URI_Producer() {
                            if (proxy[key]) {
                                wireguardParams.push(`${key}=1`);
                            }
-                        } else if (proxy[key]) {
+                        } else if (proxy[key] && !/^_/i.test(key)) {
                            wireguardParams.push(
                                `${key}=${encodeURIComponent(proxy[key])}`,
                            );
--- a/backend/src/products/resource-parser.loon.js
+++ b/backend/src/products/resource-parser.loon.js
@ -14,10 +14,12 @@ let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
        `
    ┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
         Sub-Store -- v${version}
+         Loon -- ${$loon}
    ┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅┅
    `,
    );

+    const build = $loon.match(/\((\d+)\)$/)?.[1];
    let arg;
    if (typeof $argument != 'undefined') {
        arg = Object.fromEntries(
@ -26,23 +28,28 @@ let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
    } else {
        arg = {};
    }
+    console.log(`arg: ${JSON.stringify(arg)}`);

    const RESOURCE_TYPE = {
        PROXY: 1,
        RULE: 2,
    };
-
-    result = resource;
+    if (!arg.resourceUrlOnly) {
+        result = resource;
+    }

    if (resourceType === RESOURCE_TYPE.PROXY) {
-        try {
-            let proxies = ProxyUtils.parse(resource);
-            result = ProxyUtils.produce(proxies, 'Loon', undefined, {
-                'include-unsupported-proxy': arg?.includeUnsupportedProxy,
-            });
-        } catch (e) {
-            console.log('解析器: 使用 resource 出现错误');
-            console.log(e.message ?? e);
+        if (!arg.resourceUrlOnly) {
+            try {
+                let proxies = ProxyUtils.parse(resource);
+                result = ProxyUtils.produce(proxies, 'Loon', undefined, {
+                    'include-unsupported-proxy':
+                        arg?.includeUnsupportedProxy || build >= 842,
+                });
+            } catch (e) {
+                console.log('解析器: 使用 resource 出现错误');
+                console.log(e.message ?? e);
+            }
        }
        if ((!result || /^\s*$/.test(result)) && resourceUrl) {
            console.log(`解析器: 尝试从 ${resourceUrl} 获取订阅`);
@ -59,18 +66,21 @@ let resourceUrl = typeof $resourceUrl !== 'undefined' ? $resourceUrl : '';
                );
                let proxies = ProxyUtils.parse(raw);
                result = ProxyUtils.produce(proxies, 'Loon', undefined, {
-                    'include-unsupported-proxy': arg?.includeUnsupportedProxy,
+                    'include-unsupported-proxy':
+                        arg?.includeUnsupportedProxy || build >= 842,
                });
            } catch (e) {
                console.log(e.message ?? e);
            }
        }
    } else if (resourceType === RESOURCE_TYPE.RULE) {
-        try {
-            const rules = RuleUtils.parse(resource);
-            result = RuleUtils.produce(rules, 'Loon');
-        } catch (e) {
-            console.log(e.message ?? e);
+        if (!arg.resourceUrlOnly) {
+            try {
+                const rules = RuleUtils.parse(resource);
+                result = RuleUtils.produce(rules, 'Loon');
+            } catch (e) {
+                console.log(e.message ?? e);
+            }
        }
        if ((!result || /^\s*$/.test(result)) && resourceUrl) {
            console.log(`解析器: 尝试从 ${resourceUrl} 获取规则`);
--- a/backend/src/restful/collections.js
+++ b/backend/src/restful/collections.js
@ -1,5 +1,5 @@
 import { deleteByName, findByName, updateByName } from '@/utils/database';
-import { COLLECTIONS_KEY, ARTIFACTS_KEY } from '@/constants';
+import { COLLECTIONS_KEY, ARTIFACTS_KEY, FILES_KEY } from '@/constants';
 import { failed, success } from '@/restful/response';
 import $ from '@/core/app';
 import { RequestInvalidError, ResourceNotFoundError } from '@/restful/errors';
@ -106,7 +106,18 @@ function updateCollection(req, res) {
                    artifact.source = newCol.name;
                }
            }
+            // update all files referring this collection
+            const allFiles = $.read(FILES_KEY) || [];
+            for (const file of allFiles) {
+                if (
+                    file.sourceType === 'collection' &&
+                    file.sourceName === oldCol.name
+                ) {
+                    file.sourceName = newCol.name;
+                }
+            }
            $.write(allArtifacts, ARTIFACTS_KEY);
+            $.write(allFiles, FILES_KEY);
        }

        updateByName(allCols, name, newCol);
--- a/backend/src/restful/download.js
+++ b/backend/src/restful/download.js
@ -111,7 +111,17 @@ async function downloadSubscription(req, res) {
        proxy,
        noCache,
    } = req.query;
-    let $options = {};
+    let $options = {
+        _req: {
+            method: req.method,
+            url: req.url,
+            path: req.path,
+            query: req.query,
+            params: req.params,
+            headers: req.headers,
+            body: req.body,
+        },
+    };
    if (req.query.$options) {
        try {
            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
@ -249,7 +259,7 @@ async function downloadSubscription(req, res) {
                            }
                        }
                    }
-                    if (!$arguments.noFlow) {
+                    if (!$arguments.noFlow && /^https?/.test(url)) {
                        // forward flow headers
                        flowInfo = await getFlowHeaders(
                            $arguments?.insecure ? `${url}#insecure` : url,
@ -376,7 +386,17 @@ async function downloadCollection(req, res) {
        noCache,
    } = req.query;

-    let $options = {};
+    let $options = {
+        _req: {
+            method: req.method,
+            url: req.url,
+            path: req.path,
+            query: req.query,
+            params: req.params,
+            headers: req.headers,
+            body: req.body,
+        },
+    };
    if (req.query.$options) {
        try {
            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
@ -486,7 +506,7 @@ async function downloadCollection(req, res) {
                                }
                            }
                        }
-                        if (!$arguments.noFlow) {
+                        if (!$arguments.noFlow && /^https?:/.test(url)) {
                            subUserInfoOfSub = await getFlowHeaders(
                                $arguments?.insecure ? `${url}#insecure` : url,
                                $arguments.flowUserAgent,
--- a/backend/src/restful/file.js
+++ b/backend/src/restful/file.js
@ -1,6 +1,6 @@
 import { deleteByName, findByName, updateByName } from '@/utils/database';
 import { getFlowHeaders, normalizeFlowHeader } from '@/utils/flow';
-import { FILES_KEY } from '@/constants';
+import { FILES_KEY, ARTIFACTS_KEY } from '@/constants';
 import { failed, success } from '@/restful/response';
 import $ from '@/core/app';
 import {
@ -52,8 +52,8 @@ function createFile(req, res) {
 async function getFile(req, res) {
    let { name } = req.params;
    name = decodeURIComponent(name);
-
-    $.info(`正在下载文件：${name}`);
+    const reqUA = req.headers['user-agent'] || req.headers['User-Agent'];
+    $.info(`正在下载文件：${name}\n请求 User-Agent: ${reqUA}`);
    let {
        url,
        subInfoUrl,
@ -64,8 +64,19 @@ async function getFile(req, res) {
        ignoreFailedRemoteFile,
        proxy,
        noCache,
+        produceType,
    } = req.query;
-    let $options = {};
+    let $options = {
+        _req: {
+            method: req.method,
+            url: req.url,
+            path: req.path,
+            query: req.query,
+            params: req.params,
+            headers: req.headers,
+            body: req.body,
+        },
+    };
    if (req.query.$options) {
        try {
            // 支持 `#${encodeURIComponent(JSON.stringify({arg1: "1"}))}`
@ -118,6 +129,10 @@ async function getFile(req, res) {
    if (noCache) {
        $.info(`指定不使用缓存: ${noCache}`);
    }
+    if (produceType) {
+        produceType = decodeURIComponent(produceType);
+        $.info(`指定生产类型: ${produceType}`);
+    }

    const allFiles = $.read(FILES_KEY);
    const file = findByName(allFiles, name);
@ -134,6 +149,8 @@ async function getFile(req, res) {
                $options,
                proxy,
                noCache,
+                produceType,
+                all: true,
            });

            try {
@ -168,9 +185,15 @@ async function getFile(req, res) {
                    )}`,
                );
            }
-            res.set('Content-Type', 'text/plain; charset=utf-8').send(
-                output ?? '',
-            );
+            res.set('Content-Type', 'text/plain; charset=utf-8');
+            if (output?.$options?._res?.headers) {
+                Object.entries(output.$options._res.headers).forEach(
+                    ([key, value]) => {
+                        res.set(key, value);
+                    },
+                );
+            }
+            res.send(output?.$content ?? '');
        } catch (err) {
            $.notify(
                `🌍 Sub-Store 下载文件失败`,
@ -245,6 +268,20 @@ function updateFile(req, res) {
        };
        $.info(`正在更新文件：${name}...`);

+        if (name !== newFile.name) {
+            // update all artifacts referring this collection
+            const allArtifacts = $.read(ARTIFACTS_KEY) || [];
+            for (const artifact of allArtifacts) {
+                if (
+                    artifact.type === 'file' &&
+                    artifact.source === oldFile.name
+                ) {
+                    artifact.source = newFile.name;
+                }
+            }
+            $.write(allArtifacts, ARTIFACTS_KEY);
+        }
+
        updateByName(allFiles, name, newFile);
        $.write(allFiles, FILES_KEY);
        success(res, newFile);
--- a/backend/src/restful/index.js
+++ b/backend/src/restful/index.js
@ -1,7 +1,7 @@
 import express from '@/vendor/express';
 import $ from '@/core/app';
 import migrate from '@/utils/migration';
-import download from '@/utils/download';
+import download, { downloadFile } from '@/utils/download';
 import { syncArtifacts, produceArtifact } from '@/restful/sync';
 import { gistBackupAction } from '@/restful/miscs';
 import { TOKENS_KEY } from '@/constants';
@ -35,7 +35,7 @@ export default function serve() {
        const fe_be_path = eval('process.env.SUB_STORE_FRONTEND_BACKEND_PATH');
        const fe_path = eval('process.env.SUB_STORE_FRONTEND_PATH');
        if (be_prefix || be_merge) {
-            if(!fe_be_path.startsWith('/')){
+            if (!fe_be_path.startsWith('/')) {
                throw new Error(
                    'SUB_STORE_FRONTEND_BACKEND_PATH should start with /',
                );
@ -48,15 +48,20 @@ export default function serve() {
            $app.use((req, res, next) => {
                if (req.path.startsWith(fe_be_path)) {
                    req.url = req.url.replace(fe_be_path, '') || '/';
-                    if(be_merge && req.url.startsWith('/api/')){
+                    if (be_merge && req.url.startsWith('/api/')) {
                        req.query['share'] = 'true';
                    }
                    next();
                    return;
                }
-                const pathname = decodeURIComponent(req._parsedUrl.pathname) || '/';
-                if(be_merge && req.path.startsWith('/share/') && req.query.token){
-                    if (req.method.toLowerCase() !== 'get'){
+                const pathname =
+                    decodeURIComponent(req._parsedUrl.pathname) || '/';
+                if (
+                    be_merge &&
+                    req.path.startsWith('/share/') &&
+                    req.query.token
+                ) {
+                    if (req.method.toLowerCase() !== 'get') {
                        res.status(405).send('Method not allowed');
                        return;
                    }
@ -67,14 +72,14 @@ export default function serve() {
                            `/share/${t.type}/${t.name}` === pathname &&
                            (t.exp == null || t.exp > Date.now()),
                    );
-                    if (token){
+                    if (token) {
                        next();
                        return;
                    }
                }
-                if (be_merge && fe_path && req.path.indexOf('/',1) == -1) {
-                    if (req.path.indexOf('.') == -1){
-                        req.url = "/index.html"
+                if (be_merge && fe_path && req.path.indexOf('/', 1) == -1) {
+                    if (req.path.indexOf('.') == -1) {
+                        req.url = '/index.html';
                    }
                    const express_ = eval(`require("express")`);
                    const mime_ = eval(`require("mime-types")`);
@ -85,7 +90,7 @@ export default function serve() {
                            if (type) {
                                res.set('Content-Type', type);
                            }
-                        }
+                        },
                    });
                    staticFileMiddleware(req, res, next);
                    return;
@ -230,6 +235,60 @@ export default function serve() {
                // 'Asia/Shanghai' // timeZone
            );
        }
+        const mmdb_cron = eval('process.env.SUB_STORE_MMDB_CRON');
+        const countryFile = eval('process.env.SUB_STORE_MMDB_COUNTRY_PATH');
+        const countryUrl = eval('process.env.SUB_STORE_MMDB_COUNTRY_URL');
+        const asnFile = eval('process.env.SUB_STORE_MMDB_ASN_PATH');
+        const asnUrl = eval('process.env.SUB_STORE_MMDB_ASN_URL');
+        if (mmdb_cron && ((countryFile && countryUrl) || (asnFile && asnUrl))) {
+            $.info(`[MMDB CRON] ${mmdb_cron} enabled`);
+            const { CronJob } = eval(`require("cron")`);
+            new CronJob(
+                mmdb_cron,
+                async function () {
+                    try {
+                        $.info(`[MMDB CRON] ${mmdb_cron} started`);
+                        if (countryFile && countryUrl) {
+                            try {
+                                $.info(
+                                    `[MMDB CRON] downloading ${countryUrl} to ${countryFile}`,
+                                );
+                                await downloadFile(countryUrl, countryFile);
+                            } catch (e) {
+                                $.error(
+                                    `[MMDB CRON] ${countryUrl} download failed: ${
+                                        e.message ?? e
+                                    }`,
+                                );
+                            }
+                        }
+                        if (asnFile && asnUrl) {
+                            try {
+                                $.info(
+                                    `[MMDB CRON] downloading ${asnUrl} to ${asnFile}`,
+                                );
+                                await downloadFile(asnUrl, asnFile);
+                            } catch (e) {
+                                $.error(
+                                    `[MMDB CRON] ${asnUrl} download failed: ${
+                                        e.message ?? e
+                                    }`,
+                                );
+                            }
+                        }
+
+                        $.info(`[MMDB CRON] ${mmdb_cron} finished`);
+                    } catch (e) {
+                        $.error(
+                            `[MMDB CRON] ${mmdb_cron} error: ${e.message ?? e}`,
+                        );
+                    }
+                }, // onTick
+                null, // onComplete
+                true, // start
+                // 'Asia/Shanghai' // timeZone
+            );
+        }
        const path = eval(`require("path")`);
        const fs = eval(`require("fs")`);
        const data_url = eval('process.env.SUB_STORE_DATA_URL');
--- a/backend/src/restful/miscs.js
+++ b/backend/src/restful/miscs.js
@ -49,11 +49,17 @@ export default function register($app) {
            success(res);
        });

-    // Redirect sub.store to vercel webpage
-    $app.get('/', async (req, res) => {
-        // 302 redirect
-        res.set('location', 'https://sub-store.vercel.app/').status(302).end();
-    });
+    if (ENV().isNode) {
+        $app.get('/', getEnv);
+    } else {
+        // Redirect sub.store to vercel webpage
+        $app.get('/', async (req, res) => {
+            // 302 redirect
+            res.set('location', 'https://sub-store.vercel.app/')
+                .status(302)
+                .end();
+        });
+    }

    // handle preflight request for QX
    if (ENV().isQX) {
@ -71,7 +77,19 @@ function getEnv(req, res) {
    if (req.query.share) {
        env.feature.share = true;
    }
-    success(res, env);
+    res.set('Content-Type', 'application/json;charset=UTF-8').send(
+        JSON.stringify(
+            {
+                status: 'success',
+                data: {
+                    guide: '⚠️⚠️⚠️ 您当前看到的是后端的响应. 若想配合前端使用, 可访问官方前端 https://sub-store.vercel.app 后自行配置后端地址, 或一键配置后端 https://sub-store.vercel.app?api=https://a.com/xxx (假设 https://a.com 是你后端的域名, /xxx 是自定义路径). 需注意 HTTPS 前端无法请求非本地的 HTTP 后端(部分浏览器上也无法访问本地 HTTP 后端). 请配置反代或在局域网自建 HTTP 前端. 如果还有问题, 可查看此排查说明: https://t.me/zhetengsha/1068',
+                    ...env,
+                },
+            },
+            null,
+            2,
+        ),
+    );
 }

 async function refresh(_, res) {
--- a/backend/src/restful/preview.js
+++ b/backend/src/restful/preview.js
@ -47,15 +47,22 @@ async function previewFile(req, res) {
                        }),
                );

-                if (
-                    !file.ignoreFailedRemoteFile &&
-                    Object.keys(errors).length > 0
-                ) {
-                    throw new Error(
-                        `文件 ${file.name} 的远程文件 ${Object.keys(
-                            errors,
-                        ).join(', ')} 发生错误, 请查看日志`,
-                    );
+                if (Object.keys(errors).length > 0) {
+                    if (!file.ignoreFailedRemoteFile) {
+                        throw new Error(
+                            `文件 ${file.name} 的远程文件 ${Object.keys(
+                                errors,
+                            ).join(', ')} 发生错误, 请查看日志`,
+                        );
+                    } else if (file.ignoreFailedRemoteFile === 'enabled') {
+                        $.notify(
+                            `🌍 Sub-Store 预览文件失败`,
+                            `❌ ${file.name}`,
+                            `远程文件 ${Object.keys(errors).join(
+                                ', ',
+                            )} 发生错误, 请查看日志`,
+                        );
+                    }
                }
                if (file.mergeSources === 'localFirst') {
                    content.unshift(file.content);
@ -136,12 +143,22 @@ async function compareSub(req, res) {
                    }),
            );

-            if (!sub.ignoreFailedRemoteSub && Object.keys(errors).length > 0) {
-                throw new Error(
-                    `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
-                        ', ',
-                    )} 发生错误, 请查看日志`,
-                );
+            if (Object.keys(errors).length > 0) {
+                if (!sub.ignoreFailedRemoteSub) {
+                    throw new Error(
+                        `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                } else if (sub.ignoreFailedRemoteSub === 'enabled') {
+                    $.notify(
+                        `🌍 Sub-Store 预览订阅失败`,
+                        `❌ ${sub.name}`,
+                        `远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                }
            }
            if (sub.mergeSources === 'localFirst') {
                content.unshift(sub.content);
@ -244,15 +261,25 @@ async function compareCollection(req, res) {
                                    }
                                }),
                        );
-                        if (
-                            !sub.ignoreFailedRemoteSub &&
-                            Object.keys(errors).length > 0
-                        ) {
-                            throw new Error(
-                                `订阅 ${sub.name} 的远程订阅 ${Object.keys(
-                                    errors,
-                                ).join(', ')} 发生错误, 请查看日志`,
-                            );
+
+                        if (Object.keys(errors).length > 0) {
+                            if (!sub.ignoreFailedRemoteSub) {
+                                throw new Error(
+                                    `订阅 ${sub.name} 的远程订阅 ${Object.keys(
+                                        errors,
+                                    ).join(', ')} 发生错误, 请查看日志`,
+                                );
+                            } else if (
+                                sub.ignoreFailedRemoteSub === 'enabled'
+                            ) {
+                                $.notify(
+                                    `🌍 Sub-Store 预览订阅失败`,
+                                    `❌ ${sub.name}`,
+                                    `远程订阅 ${Object.keys(errors).join(
+                                        ', ',
+                                    )} 发生错误, 请查看日志`,
+                                );
+                            }
                        }
                        if (sub.mergeSources === 'localFirst') {
                            raw.unshift(sub.content);
@ -284,20 +311,28 @@ async function compareCollection(req, res) {
                    errors[name] = err;

                    $.error(
-                        `❌ 处理组合订阅 ${collection.name} 中的子订阅: ${sub.name}时出现错误：${err}！`,
+                        `❌ 处理组合订阅 ${collection.name} 中的子订阅: ${sub.name} 时出现错误：${err}！`,
                    );
                }
            }),
        );
-        if (
-            !collection.ignoreFailedRemoteSub &&
-            Object.keys(errors).length > 0
-        ) {
-            throw new Error(
-                `组合订阅 ${collection.name} 中的子订阅 ${Object.keys(
-                    errors,
-                ).join(', ')} 发生错误, 请查看日志`,
-            );
+
+        if (Object.keys(errors).length > 0) {
+            if (!collection.ignoreFailedRemoteSub) {
+                throw new Error(
+                    `组合订阅 ${collection.name} 的子订阅 ${Object.keys(
+                        errors,
+                    ).join(', ')} 发生错误, 请查看日志`,
+                );
+            } else if (collection.ignoreFailedRemoteSub === 'enabled') {
+                $.notify(
+                    `🌍 Sub-Store 预览组合订阅失败`,
+                    `❌ ${collection.name}`,
+                    `子订阅 ${Object.keys(errors).join(
+                        ', ',
+                    )} 发生错误, 请查看日志`,
+                );
+            }
        }
        // merge proxies with the original order
        const original = Array.prototype.concat.apply(
--- a/backend/src/restful/subscriptions.js
+++ b/backend/src/restful/subscriptions.js
@ -5,7 +5,12 @@ import {
    RequestInvalidError,
 } from './errors';
 import { deleteByName, findByName, updateByName } from '@/utils/database';
-import { SUBS_KEY, COLLECTIONS_KEY, ARTIFACTS_KEY } from '@/constants';
+import {
+    SUBS_KEY,
+    COLLECTIONS_KEY,
+    ARTIFACTS_KEY,
+    FILES_KEY,
+} from '@/constants';
 import {
    getFlowHeaders,
    parseFlowHeaders,
@ -135,7 +140,7 @@ async function getFlowInfo(req, res) {
                }
            }
        }
-        if ($arguments.noFlow) {
+        if ($arguments.noFlow || !/^https?/.test(url)) {
            failed(
                res,
                new RequestInvalidError(
@ -320,9 +325,20 @@ function updateSubscription(req, res) {
                    artifact.source = sub.name;
                }
            }
+            // update all files referring this subscription
+            const allFiles = $.read(FILES_KEY) || [];
+            for (const file of allFiles) {
+                if (
+                    file.sourceType === 'subscription' &&
+                    file.sourceName == name
+                ) {
+                    file.sourceName = sub.name;
+                }
+            }

            $.write(allCols, COLLECTIONS_KEY);
            $.write(allArtifacts, ARTIFACTS_KEY);
+            $.write(allFiles, FILES_KEY);
        }
        updateByName(allSubs, name, newSub);
        $.write(allSubs, SUBS_KEY);
--- a/backend/src/restful/sync.js
+++ b/backend/src/restful/sync.js
@ -40,6 +40,7 @@ async function produceArtifact({
    $options,
    proxy,
    noCache,
+    all,
 }) {
    platform = platform || 'JSON';

@ -89,12 +90,23 @@ async function produceArtifact({
            if (ignoreFailedRemoteSub != null && ignoreFailedRemoteSub !== '') {
                subIgnoreFailedRemoteSub = ignoreFailedRemoteSub;
            }
-            if (!subIgnoreFailedRemoteSub && Object.keys(errors).length > 0) {
-                throw new Error(
-                    `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
-                        ', ',
-                    )} 发生错误, 请查看日志`,
-                );
+
+            if (Object.keys(errors).length > 0) {
+                if (!subIgnoreFailedRemoteSub) {
+                    throw new Error(
+                        `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                } else if (subIgnoreFailedRemoteSub === 'enabled') {
+                    $.notify(
+                        `🌍 Sub-Store 处理订阅失败`,
+                        `❌ ${sub.name}`,
+                        `远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                }
            }
            if (mergeSources === 'localFirst') {
                raw.unshift(content);
@ -138,12 +150,23 @@ async function produceArtifact({
            if (ignoreFailedRemoteSub != null && ignoreFailedRemoteSub !== '') {
                subIgnoreFailedRemoteSub = ignoreFailedRemoteSub;
            }
-            if (!subIgnoreFailedRemoteSub && Object.keys(errors).length > 0) {
-                throw new Error(
-                    `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
-                        ', ',
-                    )} 发生错误, 请查看日志`,
-                );
+
+            if (Object.keys(errors).length > 0) {
+                if (!subIgnoreFailedRemoteSub) {
+                    throw new Error(
+                        `订阅 ${sub.name} 的远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                } else if (subIgnoreFailedRemoteSub === 'enabled') {
+                    $.notify(
+                        `🌍 Sub-Store 处理订阅失败`,
+                        `❌ ${sub.name}`,
+                        `远程订阅 ${Object.keys(errors).join(
+                            ', ',
+                        )} 发生错误, 请查看日志`,
+                    );
+                }
            }
            if (sub.mergeSources === 'localFirst') {
                raw.unshift(sub.content);
@ -151,6 +174,9 @@ async function produceArtifact({
                raw.push(sub.content);
            }
        }
+        if (produceType === 'raw') {
+            return JSON.stringify((Array.isArray(raw) ? raw : [raw]).flat());
+        }
        // parse proxies
        let proxies = (Array.isArray(raw) ? raw : [raw])
            .map((i) => ProxyUtils.parse(i))
@ -264,15 +290,25 @@ async function produceArtifact({
                                    }
                                }),
                        );
-                        if (
-                            !sub.ignoreFailedRemoteSub &&
-                            Object.keys(errors).length > 0
-                        ) {
-                            throw new Error(
-                                `订阅 ${sub.name} 的远程订阅 ${Object.keys(
-                                    errors,
-                                ).join(', ')} 发生错误, 请查看日志`,
-                            );
+
+                        if (Object.keys(errors).length > 0) {
+                            if (!sub.ignoreFailedRemoteSub) {
+                                throw new Error(
+                                    `订阅 ${sub.name} 的远程订阅 ${Object.keys(
+                                        errors,
+                                    ).join(', ')} 发生错误, 请查看日志`,
+                                );
+                            } else if (
+                                sub.ignoreFailedRemoteSub === 'enabled'
+                            ) {
+                                $.notify(
+                                    `🌍 Sub-Store 处理订阅失败`,
+                                    `❌ ${sub.name}`,
+                                    `远程订阅 ${Object.keys(errors).join(
+                                        ', ',
+                                    )} 发生错误, 请查看日志`,
+                                );
+                            }
                        }
                        if (sub.mergeSources === 'localFirst') {
                            raw.unshift(sub.content);
@ -327,15 +363,23 @@ async function produceArtifact({
        if (ignoreFailedRemoteSub != null && ignoreFailedRemoteSub !== '') {
            collectionIgnoreFailedRemoteSub = ignoreFailedRemoteSub;
        }
-        if (
-            !collectionIgnoreFailedRemoteSub &&
-            Object.keys(errors).length > 0
-        ) {
-            throw new Error(
-                `组合订阅 ${name} 中的子订阅 ${Object.keys(errors).join(
-                    ', ',
-                )} 发生错误, 请查看日志`,
-            );
+
+        if (Object.keys(errors).length > 0) {
+            if (!collectionIgnoreFailedRemoteSub) {
+                throw new Error(
+                    `组合订阅 ${collection.name} 的子订阅 ${Object.keys(
+                        errors,
+                    ).join(', ')} 发生错误, 请查看日志`,
+                );
+            } else if (collectionIgnoreFailedRemoteSub === 'enabled') {
+                $.notify(
+                    `🌍 Sub-Store 处理组合订阅失败`,
+                    `❌ ${collection.name}`,
+                    `子订阅 ${Object.keys(errors).join(
+                        ', ',
+                    )} 发生错误, 请查看日志`,
+                );
+            }
        }

        // merge proxies with the original order
@ -505,15 +549,23 @@ async function produceArtifact({
                ) {
                    fileIgnoreFailedRemoteFile = ignoreFailedRemoteFile;
                }
-                if (
-                    !fileIgnoreFailedRemoteFile &&
-                    Object.keys(errors).length > 0
-                ) {
-                    throw new Error(
-                        `文件 ${file.name} 的远程文件 ${Object.keys(
-                            errors,
-                        ).join(', ')} 发生错误, 请查看日志`,
-                    );
+
+                if (Object.keys(errors).length > 0) {
+                    if (!fileIgnoreFailedRemoteFile) {
+                        throw new Error(
+                            `文件 ${file.name} 的远程文件 ${Object.keys(
+                                errors,
+                            ).join(', ')} 发生错误, 请查看日志`,
+                        );
+                    } else if (fileIgnoreFailedRemoteFile === 'enabled') {
+                        $.notify(
+                            `🌍 Sub-Store 处理文件失败`,
+                            `❌ ${file.name}`,
+                            `远程文件 ${Object.keys(errors).join(
+                                ', ',
+                            )} 发生错误, 请查看日志`,
+                        );
+                    }
                }
                if (file.mergeSources === 'localFirst') {
                    raw.unshift(file.content);
@ -522,6 +574,9 @@ async function produceArtifact({
                }
            }
        }
+        if (produceType === 'raw') {
+            return JSON.stringify((Array.isArray(raw) ? raw : [raw]).flat());
+        }
        const files = (Array.isArray(raw) ? raw : [raw]).flat();
        let filesContent = files
            .filter((i) => i != null && i !== '')
@ -541,7 +596,7 @@ async function produceArtifact({
                  )
                : { $content: filesContent, $files: files, $options };

-        return processed?.$content ?? '';
+        return (all ? processed : processed?.$content) ?? '';
    }
 }

--- a/backend/src/utils/download.js
+++ b/backend/src/utils/download.js
@ -1,4 +1,4 @@
-import { SETTINGS_KEY } from '@/constants';
+import { SETTINGS_KEY, FILES_KEY, MODULES_KEY } from '@/constants';
 import { HTTP, ENV } from '@/vendor/open-api';
 import { hex_md5 } from '@/vendor/md5';
 import { getPolicyDescriptor } from '@/utils';
@ -11,6 +11,8 @@ import {
    validCheck,
 } from '@/utils/flow';
 import $ from '@/core/app';
+import { findByName } from '@/utils/database';
+import { produceArtifact } from '@/restful/sync';
 import PROXY_PREPROCESSORS from '@/core/proxy-utils/preprocessors';
 const clashPreprocessor = PROXY_PREPROCESSORS.find(
    (processor) => processor.name === 'Clash Pre-processor',
@ -130,22 +132,53 @@ export default async function download(
        }
    }

-    // const downloadUrlMatch = url.match(/^\/api\/(file|module)\/(.+)/);
-    // if (downloadUrlMatch) {
-    //     let type = downloadUrlMatch?.[1];
-    //     let name = downloadUrlMatch?.[2];
-    //     if (name == null) {
-    //         throw new Error(`本地 ${type} URL 无效: ${url}`);
-    //     }
-    //     name = decodeURIComponent(name);
-    //     const key = type === 'module' ? MODULES_KEY : FILES_KEY;
-    //     const item = findByName($.read(key), name);
-    //     if (!item) {
-    //         throw new Error(`找不到本地 ${type}: ${name}`);
-    //     }
+    const downloadUrlMatch = url
+        .split('#')[0]
+        .match(/^\/api\/(file|module)\/(.+)/);
+    if (downloadUrlMatch) {
+        let type = '';
+        try {
+            type = downloadUrlMatch?.[1];
+            let name = downloadUrlMatch?.[2];
+            if (name == null) {
+                throw new Error(`本地 ${type} URL 无效: ${url}`);
+            }
+            name = decodeURIComponent(name);
+            const key = type === 'module' ? MODULES_KEY : FILES_KEY;
+            const item = findByName($.read(key), name);
+            if (!item) {
+                throw new Error(`找不到 ${type}: ${name}`);
+            }

-    //     return item.content;
-    // }
+            if (type === 'module') {
+                return item.content;
+            } else {
+                return await produceArtifact({
+                    type: 'file',
+                    name,
+                });
+            }
+        } catch (err) {
+            $.error(
+                `Error when loading ${type}: ${
+                    url.split('#')[0]
+                }.\n Reason: ${err}`,
+            );
+            throw new Error(`无法加载 ${type}: ${url}`);
+        }
+    } else if (url?.startsWith('/')) {
+        try {
+            const fs = eval(`require("fs")`);
+            return fs.readFileSync(url.split('#')[0], 'utf8');
+        } catch (err) {
+            $.error(
+                `Error when reading local file: ${
+                    url.split('#')[0]
+                }.\n Reason: ${err}`,
+            );
+            throw new Error(`无法从该路径读取文本内容: ${url}`);
+        }
+    }

    if (!isNode && tasks.has(id)) {
        return tasks.get(id);
@ -273,3 +306,25 @@ export default async function download(
    }
    return result;
 }
+
+export async function downloadFile(url, file) {
+    const undici = eval("require('undici')");
+    const fs = eval("require('fs')");
+    const { pipeline } = eval("require('stream/promises')");
+    const { Agent, interceptors, request } = undici;
+    $.info(`Downloading file...\nURL: ${url}\nFile: ${file}`);
+    const { body, statusCode } = await request(url, {
+        dispatcher: new Agent().compose(
+            interceptors.redirect({
+                maxRedirections: 3,
+                throwOnRedirect: true,
+            }),
+        ),
+    });
+    if (statusCode !== 200)
+        throw new Error(`Failed to download file from ${url}`);
+    const fileStream = fs.createWriteStream(file);
+    await pipeline(body, fileStream);
+    $.info(`File downloaded from ${url} to ${file}`);
+    return file;
+}
--- a/backend/src/utils/flow.js
+++ b/backend/src/utils/flow.js
@ -49,7 +49,7 @@ export async function getFlowHeaders(
            }
        }
    }
-    if ($arguments?.noFlow) {
+    if ($arguments?.noFlow || !/^https?/.test(url)) {
        return;
    }
    const { isStash, isLoon, isShadowRocket, isQX } = ENV();
--- a/backend/src/utils/migration.js
+++ b/backend/src/utils/migration.js
@ -4,6 +4,8 @@ import {
    SCHEMA_VERSION_KEY,
    ARTIFACTS_KEY,
    RULES_KEY,
+    FILES_KEY,
+    TOKENS_KEY,
 } from '@/constants';
 import $ from '@/core/app';

@ -55,7 +57,17 @@ function doMigrationV2() {
    const newRules = Object.values(rules);
    $.write(newRules, RULES_KEY);

-    // 5. delete builtin rules
+    // 5. migrate files
+    const files = $.read(FILES_KEY) || {};
+    const newFiles = Object.values(files);
+    $.write(newFiles, FILES_KEY);
+
+    // 6. migrate tokens
+    const tokens = $.read(TOKENS_KEY) || {};
+    const newTokens = Object.values(tokens);
+    $.write(newTokens, TOKENS_KEY);
+
+    // 7. delete builtin rules
    delete $.cache.builtin;
    $.info('Migration complete!');

--- a/backend/src/utils/user-agent.js
+++ b/backend/src/utils/user-agent.js
@ -47,7 +47,7 @@ export function getPlatformFromUserAgent({ ua, UA, accept }) {
        return 'Clash';
    } else if (ua.indexOf('v2ray') !== -1) {
        return 'V2Ray';
-    } else if (ua.indexOf('sing-box') !== -1) {
+    } else if (ua.indexOf('sing-box') !== -1 || ua.indexOf('singbox') !== -1) {
        return 'sing-box';
    } else if (accept.indexOf('application/json') === 0) {
        return 'JSON';
@ -61,31 +61,41 @@ export function getPlatformFromHeaders(headers) {
    return getPlatformFromUserAgent({ ua, UA, accept });
 }
 export function shouldIncludeUnsupportedProxy(platform, ua) {
-    try {
-        const target = getPlatformFromUserAgent({
-            UA: ua,
-            ua: ua.toLowerCase(),
-        });
-        if (!['Stash', 'Egern'].includes(target)) {
-            return false;
-        }
-        const version = coerce(ua).version;
-        if (
-            platform === 'Stash' &&
-            target === 'Stash' &&
-            gte(version, '2.8.0')
-        ) {
-            return true;
-        }
-        if (
-            platform === 'Egern' &&
-            target === 'Egern' &&
-            gte(version, '1.29.0')
-        ) {
-            return true;
-        }
-    } catch (e) {
-        $.error(`获取版本号失败: ${e}`);
-    }
+    // try {
+    //     const target = getPlatformFromUserAgent({
+    //         UA: ua,
+    //         ua: ua.toLowerCase(),
+    //     });
+    //     if (!['Stash', 'Egern', 'Loon'].includes(target)) {
+    //         return false;
+    //     }
+    //     const coerceVersion = coerce(ua);
+    //     $.log(JSON.stringify(coerceVersion, null, 2));
+    //     const { version } = coerceVersion;
+    //     if (
+    //         platform === 'Stash' &&
+    //         target === 'Stash' &&
+    //         gte(version, '3.1.0')
+    //     ) {
+    //         return true;
+    //     }
+    //     if (
+    //         platform === 'Egern' &&
+    //         target === 'Egern' &&
+    //         gte(version, '1.29.0')
+    //     ) {
+    //         return true;
+    //     }
+    //     // Loon 的 UA 不规范, version 取出来是 build
+    //     if (
+    //         platform === 'Loon' &&
+    //         target === 'Loon' &&
+    //         gte(version, '842.0.0')
+    //     ) {
+    //         return true;
+    //     }
+    // } catch (e) {
+    //     $.error(`获取版本号失败: ${e}`);
+    // }
    return false;
 }
--- a/backend/src/utils/yaml.js
+++ b/backend/src/utils/yaml.js
@ -34,4 +34,6 @@ export default {
    load,
    safeDump,
    dump,
+    parse: safeLoad,
+    stringify: safeDump,
 };
--- a/backend/src/vendor/express.js
+++ b/backend/src/vendor/express.js
@ -17,10 +17,12 @@ export default function express({ substore: $, port, host }) {
        const express_ = eval(`require("express")`);
        const bodyParser = eval(`require("body-parser")`);
        const app = express_();
+        const limit = eval('process.env.SUB_STORE_BODY_JSON_LIMIT') || '1mb';
+        $.info(`[BACKEND] body JSON limit: ${limit}`);
        app.use(
            bodyParser.json({
                verify: rawBodySaver,
-                limit: eval('process.env.SUB_STORE_BODY_JSON_LIMIT') || '1mb',
+                limit,
            }),
        );
        app.use(
@ -36,7 +38,7 @@ export default function express({ substore: $, port, host }) {
        app.start = () => {
            const listener = app.listen(port, host, () => {
                const { address, port } = listener.address();
-                $.info(`[BACKEND] ${address}:${port}`);
+                $.info(`[BACKEND] listening on ${address}:${port}`);
            });
        };
        return app;
--- a/backend/src/vendor/open-api.js
+++ b/backend/src/vendor/open-api.js
@ -10,6 +10,14 @@ const isEgern = 'object' == typeof egern;
 const isLanceX = 'undefined' != typeof $native;
 const isGUIforCores = typeof $Plugins !== 'undefined';

+function isPlainObject(obj) {
+    return (
+        obj !== null &&
+        typeof obj === 'object' &&
+        [null, Object.prototype].includes(Object.getPrototypeOf(obj))
+    );
+}
+
 export class OpenAPI {
    constructor(name = 'untitled', debug = false) {
        this.name = name;
@ -62,29 +70,50 @@ export class OpenAPI {
            const basePath =
                eval('process.env.SUB_STORE_DATA_BASE_PATH') || '.';
            let rootPath = `${basePath}/root.json`;
+            const backupRootPath = `${basePath}/root_${Date.now()}.json`;

            this.log(`Root path: ${rootPath}`);
-            if (!this.node.fs.existsSync(rootPath)) {
+            if (this.node.fs.existsSync(rootPath)) {
+                try {
+                    this.root = JSON.parse(
+                        this.node.fs.readFileSync(`${rootPath}`),
+                    );
+                } catch (e) {
+                    this.node.fs.copyFileSync(rootPath, backupRootPath);
+                    this.error(
+                        `Failed to parse ${rootPath}: ${e.message}. Backup created at ${backupRootPath}`,
+                    );
+                }
+            }
+            if (!isPlainObject(this.root)) {
                this.node.fs.writeFileSync(rootPath, JSON.stringify({}), {
-                    flag: 'wx',
+                    flag: 'w',
                });
                this.root = {};
-            } else {
-                this.root = JSON.parse(
-                    this.node.fs.readFileSync(`${rootPath}`),
-                );
            }

            // create a json file with the given name if not exists
            let fpath = `${basePath}/${this.name}.json`;
+            const backupPath = `${basePath}/${this.name}_${Date.now()}.json`;
+
            this.log(`Data path: ${fpath}`);
-            if (!this.node.fs.existsSync(fpath)) {
+            if (this.node.fs.existsSync(fpath)) {
+                try {
+                    this.cache = JSON.parse(
+                        this.node.fs.readFileSync(`${fpath}`),
+                    );
+                } catch (e) {
+                    this.node.fs.copyFileSync(fpath, backupPath);
+                    this.error(
+                        `Failed to parse ${fpath}: ${e.message}. Backup created at ${backupPath}`,
+                    );
+                }
+            }
+            if (!isPlainObject(this.cache)) {
                this.node.fs.writeFileSync(fpath, JSON.stringify({}), {
-                    flag: 'wx',
+                    flag: 'w',
                });
                this.cache = {};
-            } else {
-                this.cache = JSON.parse(this.node.fs.readFileSync(`${fpath}`));
            }
        }
    }
--- a/backend/sub-store_1748083027961.json
+++ b/backend/sub-store_1748083027961.json
--- a/scripts/demo.js
+++ b/scripts/demo.js
@ -13,7 +13,13 @@ function operator(proxies = [], targetPlatform, context) {
  // 5. `_subName` 为单条订阅名, `_subDisplayName` 为单条订阅显示名
  // 6. `_collectionName` 为组合订阅名, `_collectionDisplayName` 为组合订阅显示名
  // 7. `tls-fingerprint` 为 tls 指纹
-  // 8. `underlying-proxy` 为前置代理
+  // 8. `underlying-proxy` 为前置代理, 不同平台会自动转换
+  //    例如 $server['underlying-proxy'] = '名称'
+  //    只给 mihomo 输出的话, `dialer-proxy` 也行
+  //    只给 sing-box 输出的话, `detour` 也行
+  //    只给 Egern 输出的话, `prev_hop` 也行
+  //    只给 Shadowrocket 输出的话, `chain` 也行
+  //    输出到 Clash/Stash 时, 会过滤掉配置了前置代理的节点, 并提示使用对应的功能.
  // 9. `trojan`, `tuic`, `hysteria`, `hysteria2`, `juicity` 会在解析时设置 `tls`: true (会使用 tls 类协议的通用逻辑),  输出时删除
  // 10. `sni` 在某些协议里会自动与 `servername` 转换
  // 11. 读取节点的 ca-str 和 _ca (后端文件路径) 字段, 自动计算 fingerprint (参考 https://t.me/zhetengsha/1512)
@ -22,6 +28,7 @@ function operator(proxies = [], targetPlatform, context) {
  // 14. `ports` 为端口跳跃, `hop-interval` 变换端口号的时间间隔
  // 15. `ip-version` 设置节点使用 IP 版本，可选：dual，ipv4，ipv6，ipv4-prefer，ipv6-prefer. 会进行内部转换, 若无法匹配则使用原始值
  // 16. `sing-box` 支持使用 `_network` 来设置 `network`, 例如 `tcp`, `udp`
+  // 17. `block-quic` 支持 `auto`, `on`, `off`. 不同的平台不一定都支持, 会自动转换

  // require 为 Node.js 的 require, 在 Node.js 运行环境下 可以用来引入模块
  // 例如在 Node.js 环境下, 将文件内容写入 /tmp/1.txt 文件
@ -40,8 +47,27 @@ function operator(proxies = [], targetPlatform, context) {
  // 先这样处理 encodeURIComponent('arg1=a&arg2=b')
  // /api/file/foo?$options=arg1%3Da%26arg2%3Db

+  // 默认会带上 _req 字段, 结构为
+  // {
+  //     method,
+  //     url,
+  //     path,
+  //     query,
+  //     params,
+  //     headers,
+  //     body,
+  // }
  // console.log($options)

+  // 若设置 $options._res.headers
+  // 则会在输出文件时设置响应头, 例如:
+
+  // $options._res = {
+  //   headers: {
+  //     'X-Custom': '1'
+  //   }
+  // }
+
  // targetPlatform 为输出的目标平台

  // lodash
@ -79,6 +105,12 @@ function operator(proxies = [], targetPlatform, context) {

  // 其他平台同理, 持久化缓存数据在 JSON 里

+  // 当配合脚本使用时, 可以在脚本的前面添加一个脚本操作, 实现保留 1 小时的缓存. 这样比较灵活
+
+  // async function operator() {
+  //     scriptResourceCache._cleanup(undefined, 1 * 3600 * 1000);
+  // }
+
  // ProxyUtils 为节点处理工具
  // 可参考 https://t.me/zhetengsha/1066
  // const ProxyUtils = {
@ -96,9 +128,13 @@ function operator(proxies = [], targetPlatform, context) {
  //     getISO, // 获取 ISO 3166-1 alpha-2 代码
  //     Gist, // Gist 类
  //     download, // 内部的下载方法, 见 backend/src/utils/download.js
+  //     downloadFile, // 下载二进制文件, 见 backend/src/utils/download.js
  //     MMDB, // Node.js 环境 可用于模拟 Surge/Loon 的 $utils.ipasn, $utils.ipaso, $utils.geoip. 具体见 https://t.me/zhetengsha/1269
  //     isValidUUID, // 辅助判断是否为有效的 UUID
+  //     Buffer, // https://github.com/feross/buffer
+  //     Base64, // https://github.com/dankogai/js-base64
  // }
+  //  为兼容 https://github.com/xishang0128/sparkle 的 JavaScript 覆写, 也可以直接使用 `b64d`(Base64 解码), `b64e`(Base64 编码), `Buffer`, `yaml`(简单兼容了下 `yaml.parse` 和 `yaml.stringify`)

  // 如果只是为了快速修改或者筛选 可以参考 脚本操作支持节点快捷脚本 https://t.me/zhetengsha/970 和 脚本筛选支持节点快捷脚本 https://t.me/zhetengsha/1009
  // ⚠️ 注意: 函数式(即本文件这样的 function operator() {}) 和快捷操作(下面使用 $server) 只能二选一
--- a/support.nodeseek.com_page_promotion_id=8.png
+++ b/support.nodeseek.com_page_promotion_id=8.png
Author	SHA1	Message	Date
xream	cacc106c68	doc: README	2025-06-03 16:42:01 +08:00
xream	542fcc44a1	feat: 订阅和文件的远程链接支持使用换行混写三种格式 1. 完整远程链接 2. 类似 /api/file/name 的内部文件调用路径 3. 本地文件的绝对路径	2025-06-03 00:10:45 +08:00
xream	dca3d2f79c	fix: 脚本链接为路径时带参解析	2025-06-02 23:17:47 +08:00
xream	3e14f91347	feat: sing-box VLESS packet_encoding	2025-06-02 20:39:15 +08:00
xream	4aafdaaddb	feat: 支持本地文件	2025-06-01 11:54:32 +08:00
xream	e4f646af0c	feat: 若设置 $options._res.headers, 拉取文件时将设置自定义响应头	2025-05-28 13:46:57 +08:00
xream	532be2ff8c	Stash 正式版支持 VLESS REALITY(xtls-rprx-vision)	2025-05-27 19:46:31 +08:00
xream	37fc7ac88e	feat: VMess 支持 kcp/quic(正确处理 type, host, path, fp, alpn, tls等参数)	2025-05-27 03:01:28 +08:00
xream	9e0028219d	feat: Shadowrocket 支持 anytls	2025-05-26 17:24:39 +08:00
xream	54750d552b	feat: 为 env 响应增加如何使用前端搭配后端的引导说明	2025-05-25 00:58:06 +08:00
xream	0e7561a069	feat: Node.js 环境中 JSON 数据文件校验失败后会备份原文件, 创建新文件	2025-05-24 18:40:30 +08:00
xream	6804c6368a	fix: 修复 QX VLESS TLS	2025-05-23 22:36:08 +08:00
xream	9c5d6e9a10	feat: 单条订阅和文件支持链接参数 produceType raw, 此时返回原始数据的数组	2025-05-22 16:09:35 +08:00
xream	ef2d6be8eb	feat: 预处理支持 Base64 兜底	2025-05-22 15:17:38 +08:00
xream	04e12a4836	fix: 修复 SOCKS5 URI	2025-05-21 01:39:30 +08:00
xream	f94cf7185a	feat: 日志增加 body JSON limit	2025-05-20 21:16:30 +08:00
xream	fa7df51f8c	feat: Shadowrocket 支持前置代理. 补充 demo.js 说明	2025-05-18 17:21:54 +08:00
xream	18659d1cc8	feat: Node.js 环境下 API / 路由不自动跳转到 sub-store.vercel.app	2025-05-17 22:49:12 +08:00
xream	1d12dc55bd	feat: 单条订阅和文件支持链接参数 produceType raw, 此时返回原始数据的数组	2025-05-17 20:22:24 +08:00
xream	af9a2c86c1	fix: 修复 Surge/Loon VMess aead	2025-05-12 12:26:14 +08:00
xream	98892fa100	fix: 修复 QX VMess aead	2025-05-12 11:06:13 +08:00
xream	6e2411e2c2	doc: demo.js	2025-05-12 01:42:42 +08:00
xream	b3f6876bbd	feat: 兼容 xishang0128/sparkle 的 JavaScript 覆写; ProxyUtils 新增 Buffer, Base64	2025-05-11 16:21:28 +08:00
xream	d2c3956884	feat: QX 正式支持 SS2022	2025-05-07 02:59:19 +08:00
xream	21c1e11976	feat: 兼容非标 Shadowsocks URI 输入	2025-04-28 13:55:15 +08:00
xream	e0f6b3e692	feat: sing-box Hysteria up/down 跟文档不一致, 但是懒得全转, 只处理最常见的 Mbps	2025-04-28 10:23:30 +08:00
xream	0d2920fadd	feat: 兼容 Shadowrocket 非标 VMess URI 输入中的 peer(sni)	2025-04-27 09:45:14 +08:00
xream	da9b1d8795	feat: 输出到 Clash/Stash/Shadowrocket 时, 会过滤掉配置了前置代理的节点, 并提示使用对应的功能	2025-04-26 13:46:58 +08:00
xream	4c4bda563a	feat: Stash 输出中过滤掉有前置代理的节点, 并在日志中提示	2025-04-22 09:42:32 +08:00
xream	95f181351a	feat: 忽略失败的远程选择支持开启通知(前端 >= 2.15.17)	2025-04-21 19:28:58 +08:00
xream	3b85063f73	feat: 简单实现了 SUB_STORE_MMDB_CRON 定时更新 MMDB. ASN: SUB_STORE_MMDB_ASN_PATH, SUB_STORE_MMDB_ASN_URL. COUNTRY: SUB_STORE_MMDB_COUNTRY_PATH, SUB_STORE_MMDB_COUNTRY_URL; 脚本中新增 ProxyUtils.downloadFile 方便下载二进制文件.	2025-04-21 18:25:00 +08:00
xream	7f691c8511	fix: SS 解析增加默认节点名	2025-04-20 20:10:08 +08:00
xream	55cc7dcd16	fix: 修复 URI 输出	2025-04-19 16:44:40 +08:00
xream	4f745b0232	feat: sing-box 输出支持 brutal	2025-04-18 22:49:19 +08:00
xream	28b233b62c	fix: 修复 URI 输出	2025-04-18 15:04:06 +08:00
xream	44d72523ce	feat: AnyTLS URI 支持 UDP 参数	2025-04-18 12:24:31 +08:00
xream	b60995f7ac	feat: Loon 输入输出正式支持 VLESS XTLS/REALITY, VMess REALITY	2025-04-17 09:57:56 +08:00
xream	a262dfbbe8	fix: 修复 Loon block-quic 参数	2025-04-16 07:28:28 +08:00
xream	166f3cb447	feat: 支持 QX udp-over-tcp=true/sp.v1/sp.v2	2025-04-14 15:39:13 +08:00
xream	1f0463bfe2	feat: 支持 QX udp-over-tcp=true/sp.v1; mihomo UDP over TCP 的协议版本默认 1, sing-box 默认为 2	2025-04-14 15:28:35 +08:00
xream	302c92ed87	fix: 修复 TUIC congestion-controller	2025-04-13 03:28:11 +08:00
xream	0d575e6e88	doc: demo.js	2025-04-11 22:49:12 +08:00
xream	d41b54abde	feat: 支持 Loon block-quic 参数	2025-04-11 22:44:12 +08:00
xream	2c3e701149	doc: demo.js	2025-04-11 15:21:41 +08:00
xream	b074f42fdc	feat: 拉取文件时日志输出 User-Agent; 脚本上下文参数 $options 中新增 _req 字段, 包含请求信息	2025-04-08 12:48:38 +08:00
xream	e054b71a62	feat: Shadowrocket VMess ws 传输层增加默认 path	2025-04-03 22:33:31 +08:00
xream	7213cea16c	feat: Stash 正式版支持 SS2022, 测试版(>=3.1.0) 支持 VLESS REALITY(xtls-rprx-vision)	2025-04-03 15:47:35 +08:00
xream	260b1e5332	docs(README): 增加赞助商信息	2025-04-03 15:23:15 +08:00
xream	73e5d53f48	feat: Loon 输入输出支持 VLESS XTLS/REALITY, VMess REALITY. 需 includeUnsupportedProxy 或 build >= 842 自动开启)	2025-04-01 18:22:28 +08:00
xream	39829fa97a	feat: QX 输入值支持 `=`	2025-03-29 19:52:40 +08:00
xream	93d524331a	feat: QX 使用 includeUnsupportedProxy 参数开启 Shadowsocks 2022	2025-03-29 14:17:59 +08:00
xream	e0c6cc4453	feat: 正则排序支持顺序/倒序/原顺序(前端 > 2.15.10)	2025-03-28 12:46:51 +08:00
xream	80955aa339	doc: 标记 Clash Deprecated	2025-03-27 19:53:46 +08:00
xream	4d27e5bdac	feat: 脚本链接叠加参数调整	2025-03-27 12:52:19 +08:00
xream	e2011de69e	feat: Loon 解析器支持参数 `resourceUrlOnly` 仅使用远程资源, 忽略 Loon 自身解析数据	2025-03-26 00:26:31 +08:00
xream	9568f4d6d9	feat: 优化日志, Loon 解析器自动读取 build	2025-03-25 23:58:28 +08:00
xream	543641de9d	feat: VLESS 兼容 Shadowrocket 传输层 none	2025-03-25 23:35:23 +08:00
xream	2fbc589a8a	feat: Loon 输入输出支持 VLESS REALITY(flow 为 xtls-rprx-vision). 需 includeUnsupportedProxy 或 build >= 838 自动开启)	2025-03-25 22:22:29 +08:00
xream	c854614efc	feat: 调整 User-Agent 判断	2025-03-25 17:49:47 +08:00
xream	16a5995d21	fix: 修复 ss shadow-tls	2025-03-23 14:32:24 +08:00
xream	15b55f6d1a	feat: 更新文件时, 更新同步配置; 更新单条订阅/组合订阅时, 更新 mihomo 覆写	2025-03-21 00:36:42 +08:00
xream	8e5ce26e7b	fix: 修复重置后端数据后无默认字段的问题	2025-03-20 22:03:06 +08:00