chore: allow unsafe path for provider by environment variable

This commit is contained in:
Skyxim 2023-06-11 01:55:49 +00:00 committed by Larvan2
parent 6bdaadc581
commit 73f8da091e
3 changed files with 13 additions and 9 deletions

View file

@ -67,7 +67,7 @@ func ParseProxyProvider(name string, mapping map[string]any) (types.ProxyProvide
case "file":
vehicle = resource.NewFileVehicle(path)
case "http":
if !C.Path.IsSubPath(path) {
if !C.Path.IsSafePath(path) {
return nil, fmt.Errorf("%w: %s", errSubPath, path)
}
vehicle = resource.NewHTTPVehicle(schema.URL, path)

View file

@ -20,14 +20,15 @@ var Path = func() *path {
if err != nil {
homeDir, _ = os.Getwd()
}
allowUnsafePath := strings.TrimSpace(os.Getenv("SKIP_SAFE_PATH_CHECK")) == "1"
homeDir = P.Join(homeDir, ".config", Name)
return &path{homeDir: homeDir, configFile: "config.yaml"}
return &path{homeDir: homeDir, configFile: "config.yaml", allowUnsafePath: allowUnsafePath}
}()
type path struct {
homeDir string
configFile string
homeDir string
configFile string
allowUnsafePath bool
}
// SetHomeDir is used to set the configuration path
@ -56,8 +57,11 @@ func (p *path) Resolve(path string) string {
return path
}
// IsSubPath return true if path is a subpath of homedir
func (p *path) IsSubPath(path string) bool {
// IsSafePath return true if path is a subpath of homedir
func (p *path) IsSafePath(path string) bool {
if p.allowUnsafePath {
return true
}
homedir := p.HomeDir()
path = p.Resolve(path)
rel, err := filepath.Rel(homedir, path)

View file

@ -773,7 +773,7 @@ proxy-providers:
type: http
url: "url"
interval: 3600
path: ./provider1.yaml
path: ./provider1.yaml # 默认只允许存储在 clash 的 Home Dir如果想存储到任意位置添加环境变量 SKIP_SAFE_PATH_CHECK=1
health-check:
enable: true
interval: 600
@ -790,7 +790,7 @@ rule-providers:
rule1:
behavior: classical # domain ipcidr
interval: 259200
path: /path/to/save/file.yaml
path: /path/to/save/file.yaml # 默认只允许存储在 clash 的 Home Dir如果想存储到任意位置添加环境变量 SKIP_SAFE_PATH_CHECK=1
type: http
url: "url"
rule2: