chore: allow unsafe path for provider by environment variable
This commit is contained in:
parent
6bdaadc581
commit
73f8da091e
3 changed files with 13 additions and 9 deletions
|
@ -67,7 +67,7 @@ func ParseProxyProvider(name string, mapping map[string]any) (types.ProxyProvide
|
||||||
case "file":
|
case "file":
|
||||||
vehicle = resource.NewFileVehicle(path)
|
vehicle = resource.NewFileVehicle(path)
|
||||||
case "http":
|
case "http":
|
||||||
if !C.Path.IsSubPath(path) {
|
if !C.Path.IsSafePath(path) {
|
||||||
return nil, fmt.Errorf("%w: %s", errSubPath, path)
|
return nil, fmt.Errorf("%w: %s", errSubPath, path)
|
||||||
}
|
}
|
||||||
vehicle = resource.NewHTTPVehicle(schema.URL, path)
|
vehicle = resource.NewHTTPVehicle(schema.URL, path)
|
||||||
|
|
|
@ -20,14 +20,15 @@ var Path = func() *path {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
homeDir, _ = os.Getwd()
|
homeDir, _ = os.Getwd()
|
||||||
}
|
}
|
||||||
|
allowUnsafePath := strings.TrimSpace(os.Getenv("SKIP_SAFE_PATH_CHECK")) == "1"
|
||||||
homeDir = P.Join(homeDir, ".config", Name)
|
homeDir = P.Join(homeDir, ".config", Name)
|
||||||
return &path{homeDir: homeDir, configFile: "config.yaml"}
|
return &path{homeDir: homeDir, configFile: "config.yaml", allowUnsafePath: allowUnsafePath}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
type path struct {
|
type path struct {
|
||||||
homeDir string
|
homeDir string
|
||||||
configFile string
|
configFile string
|
||||||
|
allowUnsafePath bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetHomeDir is used to set the configuration path
|
// SetHomeDir is used to set the configuration path
|
||||||
|
@ -56,8 +57,11 @@ func (p *path) Resolve(path string) string {
|
||||||
return path
|
return path
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsSubPath return true if path is a subpath of homedir
|
// IsSafePath return true if path is a subpath of homedir
|
||||||
func (p *path) IsSubPath(path string) bool {
|
func (p *path) IsSafePath(path string) bool {
|
||||||
|
if p.allowUnsafePath {
|
||||||
|
return true
|
||||||
|
}
|
||||||
homedir := p.HomeDir()
|
homedir := p.HomeDir()
|
||||||
path = p.Resolve(path)
|
path = p.Resolve(path)
|
||||||
rel, err := filepath.Rel(homedir, path)
|
rel, err := filepath.Rel(homedir, path)
|
||||||
|
|
|
@ -773,7 +773,7 @@ proxy-providers:
|
||||||
type: http
|
type: http
|
||||||
url: "url"
|
url: "url"
|
||||||
interval: 3600
|
interval: 3600
|
||||||
path: ./provider1.yaml
|
path: ./provider1.yaml # 默认只允许存储在 clash 的 Home Dir,如果想存储到任意位置,添加环境变量 SKIP_SAFE_PATH_CHECK=1
|
||||||
health-check:
|
health-check:
|
||||||
enable: true
|
enable: true
|
||||||
interval: 600
|
interval: 600
|
||||||
|
@ -790,7 +790,7 @@ rule-providers:
|
||||||
rule1:
|
rule1:
|
||||||
behavior: classical # domain ipcidr
|
behavior: classical # domain ipcidr
|
||||||
interval: 259200
|
interval: 259200
|
||||||
path: /path/to/save/file.yaml
|
path: /path/to/save/file.yaml # 默认只允许存储在 clash 的 Home Dir,如果想存储到任意位置,添加环境变量 SKIP_SAFE_PATH_CHECK=1
|
||||||
type: http
|
type: http
|
||||||
url: "url"
|
url: "url"
|
||||||
rule2:
|
rule2:
|
||||||
|
|
Loading…
Reference in a new issue