代码一:
生成订阅
Cloudflare Snippets!搭建永久免费节点彻底告别 Workers 限制,真正不限流量的科学上网免费vpn
代码地址github:https://github.com/byJoey/cfnew
登录cloudflare网站:https://www.cloudflare.com
点击托管在cloudflare的域名:
规则>Snippets,如果显示升级计划是域名不支持,更换域名。
创建片段>填写片段名称>复制粘贴代码>更改UUID
import { connect } from 'cloudflare:sockets';
// --- 硬编码配置 ---
// UUID,同时用作订阅路径。
const authToken = '351c9981-04b6-4103-aa4b-864aa9c91469';
// 用来访问cloudflare托管的网站
const fallbackAddress = 'bpb.yousef.isegaro.com';
const fallbackPort = '443';
// SOCKS5 代理配置。留空则禁用。格式: user:pass@host:port
const socks5Config = '';
const directDomains = [
{ name: "cloudflare.182682.xyz", domain: "cloudflare.182682.xyz" }, { name: "speed.marisalnc.com", domain: "speed.marisalnc.com" },
{ domain: "freeyx.cloudflare88.eu.org" }, { domain: "bestcf.top" }, { domain: "cdn.2020111.xyz" }, { domain: "cfip.cfcdn.vip" },
{ domain: "cf.0sm.com" }, { domain: "cf.090227.xyz" }, { domain: "cf.zhetengsha.eu.org" }, { domain: "cloudflare.9jy.cc" },
{ domain: "cf.zerone-cdn.pp.ua" }, { domain: "cfip.1323123.xyz" }, { domain: "cnamefuckxxs.yuchen.icu" }, { domain: "cloudflare-ip.mofashi.ltd" },
{ domain: "115155.xyz" }, { domain: "cname.xirancdn.us" }, { domain: "f3058171cad.002404.xyz" }, { domain: "8.889288.xyz" },
{ domain: "cdn.tzpro.xyz" }, { domain: "cf.877771.xyz" }, { domain: "xn--b6gac.eu.org" }
];
const parsedSocks5Config = {};
const isSocksEnabled = false;
const E_INVALID_DATA = atob('aW52YWxpZCBkYXRh');
const E_INVALID_USER = atob('aW52YWxpZCB1c2Vy');
const E_UNSUPPORTED_CMD = atob('Y29tbWFuZCBpcyBub3Qgc3VwcG9ydGVk');
const E_UDP_DNS_ONLY = atob('VURQIHByb3h5IG9ubHkgZW5hYmxlIGZvciBETlMgd2hpY2ggaXMgcG9ydCA1Mw==');
const E_INVALID_ADDR_TYPE = atob('aW52YWxpZCBhZGRyZXNzVHlwZQ==');
const E_EMPTY_ADDR = atob('YWRkcmVzc1ZhbHVlIGlzIGVtcHR5');
const E_WS_NOT_OPEN = atob('d2ViU29ja2V0LmVhZHlTdGF0ZSBpcyBub3Qgb3Blbg==');
const E_INVALID_ID_STR = atob('U3RyaW5naWZpZWQgaWRlbnRpZmllciBpcyBpbnZhbGlk');
const E_INVALID_SOCKS_ADDR = atob('SW52YWxpZCBTT0NLUyBhZGRyZXNzIGZvcm1hdA==');
const E_SOCKS_NO_METHOD = atob('bm8gYWNjZXB0YWJsZSBtZXRob2Rz');
const E_SOCKS_AUTH_NEEDED = atob('c29ja3Mgc2VydmVyIG5lZWRzIGF1dGg=');
const E_SOCKS_AUTH_FAIL = atob('ZmFpbCB0byBhdXRoIHNvY2tzIHNlcnZlcg==');
const E_SOCKS_CONN_FAIL = atob('ZmFpbCB0byBvcGVuIHNvY2tzIGNvbm5lY3Rpb24=');
const ADDRESS_TYPE_IPV4 = 1;
const ADDRESS_TYPE_URL = 2;
const ADDRESS_TYPE_IPV6 = 3;
export default {
async fetch(request, env, ctx) {
try {
const subPath = authToken;
const url = new URL(request.url);
if (request.headers.get('Upgrade') === 'websocket') {
return await handleWsRequest(request);
} else if (request.method === 'GET') {
if (url.pathname === '/') {
const successHtml = `<!DOCTYPE html><html lang="zh-CN"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>部署成功</title><style>body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,Helvetica,Arial,sans-serif;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;background-color:#121212;color:#e0e0e0;text-align:center;}.container{padding:2rem;border-radius:8px;background-color:#1e1e1e;box-shadow:0 4px 6px rgba(0,0,0,0.1);}h1{color:#4caf50;}</style></head><body><div class="container"><h1>✅ 部署成功</h1><p>代理与动态订阅功能均已启用。</p></div></body></html>`;
return new Response(successHtml, { status: 200, headers: { 'Content-Type': 'text/html; charset=utf-8' } });
}
if (url.pathname.toLowerCase().includes(`/${subPath}`)) {
return await handleSubscriptionRequest(request, authToken);
}
}
return new Response('Not Found', { status: 404 });
} catch (err) {
return new Response(err.toString(), { status: 500 });
}
},
};
async function handleSubscriptionRequest(request, uuid) {
const url = new URL(request.url);
const finalLinks = [];
const workerDomain = url.hostname;
const nativeList = [{ ip: workerDomain, isp: '原生地址' }];
finalLinks.push(...generateLinksFromSource(nativeList, uuid, workerDomain));
const domainList = directDomains.map(d => ({ ip: d.domain, isp: d.name || d.domain }));
finalLinks.push(...generateLinksFromSource(domainList, uuid, workerDomain));
const dynamicIPList = await fetchDynamicIPs();
if (dynamicIPList.length > 0) {
finalLinks.push(...generateLinksFromSource(dynamicIPList, uuid, workerDomain));
}
const subscriptionContent = btoa(finalLinks.join('\n'));
return new Response(subscriptionContent, {
headers: {
'Content-Type': 'text/plain; charset=utf-8',
'Cache-Control': 'no-store, no-cache, must-revalidate, max-age=0',
},
});
}
function generateLinksFromSource(list, uuid, workerDomain) {
const httpsPorts = [443, 2053, 2083, 2087, 2096, 8443];
const httpPorts = [80, 8080, 8880, 2052, 2082, 2086, 2095];
const links = [];
const wsPath = encodeURIComponent('/?ed=2048');
const proto = 'vless';
list.forEach(item => {
const nodeNameBase = item.isp.replace(/\s/g, '_');
const safeIP = item.ip.includes(':') ? `[${item.ip}]` : item.ip;
httpsPorts.forEach(port => {
const wsNodeName = `${nodeNameBase}-${port}-WS-TLS`;
const wsParams = new URLSearchParams({
encryption: 'none',
security: 'tls',
sni: workerDomain,
fp: 'randomized',
type: 'ws',
host: workerDomain,
path: wsPath
});
links.push(`${proto}://${uuid}@${safeIP}:${port}?${wsParams.toString()}#${encodeURIComponent(wsNodeName)}`);
});
httpPorts.forEach(port => {
const wsNodeName = `${nodeNameBase}-${port}-WS`;
const wsParams = new URLSearchParams({
encryption: 'none',
security: 'none',
type: 'ws',
host: workerDomain,
path: wsPath
});
links.push(`${proto}://${uuid}@${safeIP}:${port}?${wsParams.toString()}#${encodeURIComponent(wsNodeName)}`);
});
});
return links;
}
async function fetchDynamicIPs() {
const v4Url1 = "https://www.wetest.vip/page/cloudflare/address_v4.html";
const v6Url1 = "https://www.wetest.vip/page/cloudflare/address_v6.html";
let results = [];
try {
const [ipv4List, ipv6List] = await Promise.all([
fetchAndParseWetest(v4Url1),
fetchAndParseWetest(v6Url1)
]);
results = [...ipv4List, ...ipv6List];
if (results.length > 0) {
console.log(`Successfully fetched ${results.length} IPs from wetest.vip`);
return results;
}
} catch (e) {
console.error("Failed to fetch from wetest.vip:", e);
}
console.log("wetest.vip failed, trying fallback IP source...");
const fallbackUrl = "https://stock.hostmonit.com/CloudFlareYes";
try {
const response = await fetch(fallbackUrl, { headers: { 'User-Agent': 'Mozilla/5.0' } });
if (!response.ok) {
console.error(`Fallback source failed with status: ${response.status}`);
return [];
}
const html = await response.text();
const rowRegex = /<tr><td>([\d.:a-fA-F]+)<\/td><td>.*?<\/td><td>.*?<\/td><td>.*?<\/td><td>(.*?)<\/td>.*?<\/tr>/g;
let match;
while ((match = rowRegex.exec(html)) !== null) {
if (match[1] && match[2]) {
results.push({
ip: match[1].trim(),
isp: match[2].trim().replace(/\s/g, '')
});
}
}
if (results.length > 0) {
console.log(`Successfully fetched ${results.length} IPs from fallback source.`);
} else {
console.warn(`Warning: Could not parse any IPs from fallback source. The site structure might have changed.`);
}
return results;
} catch (e) {
console.error("Failed to fetch from fallback source:", e);
return [];
}
}
async function fetchAndParseWetest(url) {
try {
const response = await fetch(url, { headers: { 'User-Agent': 'Mozilla/5.0' } });
if (!response.ok) {
console.error(`Failed to fetch ${url}, status: ${response.status}`);
return [];
}
const html = await response.text();
const results = [];
const rowRegex = /<tr[\s\S]*?<\/tr>/g;
const cellRegex = /<td data-label="线路名称">(.+?)<\/td>[\s\S]*?<td data-label="优选地址">([\d.:a-fA-F]+)<\/td>/;
let match;
while ((match = rowRegex.exec(html)) !== null) {
const rowHtml = match[0];
const cellMatch = rowHtml.match(cellRegex);
if (cellMatch && cellMatch[1] && cellMatch[2]) {
results.push({
isp: cellMatch[1].trim().replace(/<.*?>/g, ''),
ip: cellMatch[2].trim()
});
}
}
if (results.length === 0) {
console.warn(`Warning: Could not parse any IPs from ${url}. The site structure might have changed.`);
}
return results;
} catch (error) {
console.error(`Error parsing ${url}:`, error);
return [];
}
}
async function handleWsRequest(request) {
const wsPair = new WebSocketPair();
const [clientSock, serverSock] = Object.values(wsPair);
serverSock.accept();
let remoteConnWrapper = { socket: null };
let isDnsQuery = false;
const earlyData = request.headers.get('sec-websocket-protocol') || '';
const readable = makeReadableStream(serverSock, earlyData);
readable.pipeTo(new WritableStream({
async write(chunk) {
if (isDnsQuery) return await forwardUDP(chunk, serverSock, null);
if (remoteConnWrapper.socket) {
const writer = remoteConnWrapper.socket.writable.getWriter();
await writer.write(chunk);
writer.releaseLock();
return;
}
const { hasError, message, addressType, port, hostname, rawIndex, version, isUDP } = parseWsPacketHeader(chunk, authToken);
if (hasError) throw new Error(message);
if (isUDP) {
if (port === 53) isDnsQuery = true;
else throw new Error(E_UDP_DNS_ONLY);
}
const respHeader = new Uint8Array([version[0], 0]);
const rawData = chunk.slice(rawIndex);
if (isDnsQuery) return forwardUDP(rawData, serverSock, respHeader);
await forwardTCP(addressType, hostname, port, rawData, serverSock, respHeader, remoteConnWrapper);
},
})).catch((err) => { console.log('WS Stream Error:', err); });
return new Response(null, { status: 101, webSocket: clientSock });
}
async function forwardTCP(addrType, host, portNum, rawData, ws, respHeader, remoteConnWrapper) {
async function connectAndSend(address, port) {
const remoteSock = isSocksEnabled ?
await establishSocksConnection(addrType, address, port) :
connect({ hostname: address, port: port });
const writer = remoteSock.writable.getWriter();
await writer.write(rawData);
writer.releaseLock();
return remoteSock;
}
async function retryConnection() {
const newSocket = isSocksEnabled ?
await connectAndSend(host, portNum) :
await connectAndSend(fallbackAddress || host, parseInt(fallbackPort, 10) || portNum);
remoteConnWrapper.socket = newSocket;
newSocket.closed.catch(() => {}).finally(() => closeSocketQuietly(ws));
connectStreams(newSocket, ws, respHeader, null);
}
try {
const initialSocket = await connectAndSend(host, portNum);
remoteConnWrapper.socket = initialSocket;
connectStreams(initialSocket, ws, respHeader, retryConnection);
} catch (err) {
console.log('Initial connection failed, trying fallback:', err);
retryConnection();
}
}
function parseWsPacketHeader(chunk, token) {
if (chunk.byteLength < 24) return { hasError: true, message: E_INVALID_DATA };
const version = new Uint8Array(chunk.slice(0, 1));
if (formatIdentifier(new Uint8Array(chunk.slice(1, 17))) !== token) return { hasError: true, message: E_INVALID_USER };
const optLen = new Uint8Array(chunk.slice(17, 18))[0];
const cmd = new Uint8Array(chunk.slice(18 + optLen, 19 + optLen))[0];
let isUDP = false;
if (cmd === 1) {} else if (cmd === 2) { isUDP = true; } else { return { hasError: true, message: E_UNSUPPORTED_CMD }; }
const portIdx = 19 + optLen;
const port = new DataView(chunk.slice(portIdx, portIdx + 2)).getUint16(0);
let addrIdx = portIdx + 2, addrLen = 0, addrValIdx = addrIdx + 1, hostname = '';
const addressType = new Uint8Array(chunk.slice(addrIdx, addrValIdx))[0];
switch (addressType) {
case ADDRESS_TYPE_IPV4: addrLen = 4; hostname = new Uint8Array(chunk.slice(addrValIdx, addrValIdx + addrLen)).join('.'); break;
case ADDRESS_TYPE_URL: addrLen = new Uint8Array(chunk.slice(addrValIdx, addrValIdx + 1))[0]; addrValIdx += 1; hostname = new TextDecoder().decode(chunk.slice(addrValIdx, addrValIdx + addrLen)); break;
case ADDRESS_TYPE_IPV6: addrLen = 16; const ipv6 = []; const ipv6View = new DataView(chunk.slice(addrValIdx, addrValIdx + addrLen)); for (let i = 0; i < 8; i++) ipv6.push(ipv6View.getUint16(i * 2).toString(16)); hostname = ipv6.join(':'); break;
default: return { hasError: true, message: `${E_INVALID_ADDR_TYPE}: ${addressType}` };
}
if (!hostname) return { hasError: true, message: `${E_EMPTY_ADDR}: ${addressType}` };
return { hasError: false, addressType, port, hostname, isUDP, rawIndex: addrValIdx + addrLen, version };
}
function makeReadableStream(socket, earlyDataHeader) {
let cancelled = false;
return new ReadableStream({
start(controller) {
socket.addEventListener('message', (event) => { if (!cancelled) controller.enqueue(event.data); });
socket.addEventListener('close', () => { if (!cancelled) { closeSocketQuietly(socket); controller.close(); } });
socket.addEventListener('error', (err) => controller.error(err));
const { earlyData, error } = base64ToArray(earlyDataHeader);
if (error) controller.error(error); else if (earlyData) controller.enqueue(earlyData);
},
cancel() { cancelled = true; closeSocketQuietly(socket); }
});
}
async function connectStreams(remoteSocket, webSocket, headerData, retryFunc) {
let header = headerData, hasData = false;
await remoteSocket.readable.pipeTo(
new WritableStream({
async write(chunk, controller) {
hasData = true;
if (webSocket.readyState !== 1) controller.error(E_WS_NOT_OPEN);
if (header) { webSocket.send(await new Blob([header, chunk]).arrayBuffer()); header = null; }
else { webSocket.send(chunk); }
},
abort(reason) { console.error("Readable aborted:", reason); },
})
).catch((error) => { console.error("Stream connection error:", error); closeSocketQuietly(webSocket); });
if (!hasData && retryFunc) retryFunc();
}
async function forwardUDP(udpChunk, webSocket, respHeader) {
try {
const tcpSocket = connect({ hostname: '8.8.4.4', port: 53 });
let vlessHeader = respHeader;
const writer = tcpSocket.writable.getWriter();
await writer.write(udpChunk);
writer.releaseLock();
await tcpSocket.readable.pipeTo(new WritableStream({
async write(chunk) {
if (webSocket.readyState === 1) {
if (vlessHeader) { webSocket.send(await new Blob([vlessHeader, chunk]).arrayBuffer()); vlessHeader = null; }
else { webSocket.send(chunk); }
}
},
}));
} catch (error) { console.error(`DNS forward error: ${error.message}`); }
}
async function establishSocksConnection(addrType, address, port) {
const { username, password, hostname, socksPort } = parsedSocks5Config;
const socket = connect({ hostname, port: socksPort });
const writer = socket.writable.getWriter();
await writer.write(new Uint8Array(username ? [5, 2, 0, 2] : [5, 1, 0]));
const reader = socket.readable.getReader();
let res = (await reader.read()).value;
if (res[0] !== 5 || res[1] === 255) throw new Error(E_SOCKS_NO_METHOD);
if (res[1] === 2) {
if (!username || !password) throw new Error(E_SOCKS_AUTH_NEEDED);
const encoder = new TextEncoder();
const authRequest = new Uint8Array([1, username.length, ...encoder.encode(username), password.length, ...encoder.encode(password)]);
await writer.write(authRequest);
res = (await reader.read()).value;
if (res[0] !== 1 || res[1] !== 0) throw new Error(E_SOCKS_AUTH_FAIL);
}
const encoder = new TextEncoder(); let DSTADDR;
switch (addrType) {
case ADDRESS_TYPE_IPV4: DSTADDR = new Uint8Array([1, ...address.split('.').map(Number)]); break;
case ADDRESS_TYPE_URL: DSTADDR = new Uint8Array([3, address.length, ...encoder.encode(address)]); break;
case ADDRESS_TYPE_IPV6: DSTADDR = new Uint8Array([4, ...address.split(':').flatMap(x => [parseInt(x.slice(0, 2), 16), parseInt(x.slice(2), 16)])]); break;
default: throw new Error(E_INVALID_ADDR_TYPE);
}
await writer.write(new Uint8Array([5, 1, 0, ...DSTADDR, port >> 8, port & 255]));
res = (await reader.read()).value;
if (res[1] !== 0) throw new Error(E_SOCKS_CONN_FAIL);
writer.releaseLock(); reader.releaseLock();
return socket;
}
function parseSocksConfig(address) {
let [latter, former] = address.split("@").reverse(); let username, password, hostname, socksPort;
if (former) { const formers = former.split(":"); if (formers.length !== 2) throw new Error(E_INVALID_SOCKS_ADDR);[username, password] = formers; }
const latters = latter.split(":"); socksPort = Number(latters.pop()); if (isNaN(socksPort)) throw new Error(E_INVALID_SOCKS_ADDR);
hostname = latters.join(":"); if (hostname.includes(":") && !/^\[.*\]$/.test(hostname)) throw new Error(E_INVALID_SOCKS_ADDR);
return { username, password, hostname, socksPort };
}
function base64ToArray(b64Str) {
if (!b64Str) return { error: null };
try { b64Str = b64Str.replace(/-/g, '+').replace(/_/g, '/'); return { earlyData: Uint8Array.from(atob(b64Str), (c) => c.charCodeAt(0)).buffer, error: null }; }
catch (error) { return { error }; }
}
function isValidFormat(uuid) { return /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(uuid); }
function closeSocketQuietly(socket) { try { if (socket.readyState === 1 || socket.readyState === 2) socket.close(); } catch (error) {} }
const hexTable = Array.from({ length: 256 }, (v, i) => (i + 256).toString(16).slice(1));
function formatIdentifier(arr, offset = 0) {
const id = (hexTable[arr[offset]]+hexTable[arr[offset+1]]+hexTable[arr[offset+2]]+hexTable[arr[offset+3]]+"-"+hexTable[arr[offset+4]]+hexTable[arr[offset+5]]+"-"+hexTable[arr[offset+6]]+hexTable[arr[offset+7]]+"-"+hexTable[arr[offset+8]]+hexTable[arr[offset+9]]+"-"+hexTable[arr[offset+10]]+hexTable[arr[offset+11]]+hexTable[arr[offset+12]]+hexTable[arr[offset+13]]+hexTable[arr[offset+14]]+hexTable[arr[offset+15]]).toLowerCase();
if (!isValidFormat(id)) throw new TypeError(E_INVALID_ID_STR);
return id;
}部署>填写以下内容>完成>部署
(如果点完成出现此规则可能不适用于你的流量,点创建新代理DNS记录,在ipv4地址处填写填写框下方的ip:192.0.2.1 确定再点部署)
订阅地址为,部署的域名/uuid
http://sn.287926405.xyz/351c9981-04b6-4103-aa4b-864aa9c91469
参考视频:https://www.youtube.com/watch?v=xeFeH3Akcu8
代码二:
手搓节点(ymyuuu源码支持xhttp协议)
const FIXED_UUID = '';// 建议修改为自己的规范化UUID,如不需要可留空
export default {
async fetch(request) {
try {
const url = new URL(request.url);
// 检查是否为 WebSocket 升级请求
const upgradeHeader = request.headers.get('Upgrade');
if (upgradeHeader !== 'websocket') {
// 将 request.cf 对象转换为 JSON 字符串
const jsonData = JSON.stringify(request.cf, null, 2); // 使用2个空格缩进,使输出更易读
// 创建 Response 对象,设置正确的 Content-Type 头
return new Response(jsonData, {
status: 200,
headers: {
'Content-Type': 'application/json;charset=UTF-8' // 标准 JSON 内容类型[6,7](@ref)
}
});
} else {
let socks5Address = url.searchParams.get('socks5') || url.searchParams.get('http') || null;
let parsedSocks5Address = {};
let enableSocks = null;
let enableGlobalSocks = url.searchParams.has('globalproxy');
let ProxyIP = request.cf.colo + atob('LnByb3h5aXAuY21saXVzc3NzLm5ldA==');
let ProxyPort = 443;
if ((url.pathname.toLowerCase().includes('/socks5=') || (url.pathname.includes('/s5=')) || (url.pathname.includes('/gs5=')))) {
socks5Address = url.pathname.split('5=')[1];
enableGlobalSocks = url.pathname.includes('/gs5=') ? true : enableGlobalSocks;
} if ((url.pathname.toLowerCase().includes('/http='))) {
socks5Address = url.pathname.split('/http=')[1];
} else if (url.pathname.toLowerCase().includes('/socks://') || url.pathname.toLowerCase().includes('/socks5://') || url.pathname.toLowerCase().includes('/http://')) {
socks5Address = url.pathname.split('://')[1].split('#')[0];
if (socks5Address.includes('@')) {
const lastAtIndex = socks5Address.lastIndexOf('@');
let userPassword = socks5Address.substring(0, lastAtIndex).replaceAll('%3D', '=');
const base64Regex = /^(?:[A-Z0-9+/]{4})*(?:[A-Z0-9+/]{2}==|[A-Z0-9+/]{3}=)?$/i;
if (base64Regex.test(userPassword) && !userPassword.includes(':')) userPassword = atob(userPassword);
socks5Address = `${userPassword}@${socks5Address.substring(lastAtIndex + 1)}`;
}
enableGlobalSocks = true;//开启全局SOCKS5
}
if (socks5Address) {
try {
parsedSocks5Address = socks5AddressParser(socks5Address);
enableSocks = url.pathname.includes('http://') ? 'http' : 'socks5';
} catch (err) {
enableSocks = null;
}
} else {
enableSocks = null;
}
if (url.searchParams.has('proxyip') || url.searchParams.has('ip')) {
ProxyIP = url.searchParams.get('proxyip') || url.searchParams.get('ip');
enableSocks = null;
} else if (url.pathname.toLowerCase().includes('/proxyip=')) {
ProxyIP = url.pathname.toLowerCase().split('/proxyip=')[1];
enableSocks = null;
} else if (url.pathname.toLowerCase().includes('/proxyip.')) {
ProxyIP = `proxyip.${url.pathname.toLowerCase().split("/proxyip.")[1]}`;
enableSocks = null;
} else if (url.pathname.toLowerCase().includes('/pyip=')) {
ProxyIP = url.pathname.toLowerCase().split('/pyip=')[1];
enableSocks = null;
} else if (url.pathname.toLowerCase().includes('/ip=')) {
ProxyIP = url.pathname.toLowerCase().split('/ip=')[1];
enableSocks = null;
}
return await handleSPESSWebSocket(request, {
parsedSocks5Address,
enableSocks,
enableGlobalSocks,
ProxyIP,
ProxyPort
});
}
} catch (err) {
return new Response(err && err.stack ? err.stack : String(err), { status: 500 });
}
},
};
async function handleSPESSWebSocket(request, config) {
const {
parsedSocks5Address,
enableSocks,
enableGlobalSocks,
ProxyIP,
ProxyPort
} = config;
const wsPair = new WebSocketPair();
const [clientWS, serverWS] = Object.values(wsPair);
serverWS.accept();
// WebSocket心跳机制,每30秒发送一次ping
let heartbeatInterval = setInterval(() => {
if (serverWS.readyState === WS_READY_STATE_OPEN) {
try {
serverWS.send('ping');
} catch (e) { }
}
}, 30000);
function clearHeartbeat() {
if (heartbeatInterval) {
clearInterval(heartbeatInterval);
heartbeatInterval = null;
}
}
serverWS.addEventListener('close', clearHeartbeat);
serverWS.addEventListener('error', clearHeartbeat);
// 处理 WebSocket 数据流
const earlyDataHeader = request.headers.get('sec-websocket-protocol') || '';
const wsReadable = createWebSocketReadableStream(serverWS, earlyDataHeader);
let remoteSocket = null;
let udpStreamWrite = null;
let isDns = false;
wsReadable.pipeTo(new WritableStream({
async write(chunk) {
if (isDns && udpStreamWrite) {
return udpStreamWrite(chunk);
}
if (remoteSocket) {
try {
const writer = remoteSocket.writable.getWriter();
await writer.write(chunk);
writer.releaseLock();
} catch (err) {
closeSocket(remoteSocket);
throw err;
}
return;
}
const result = parseVLESSHeader(chunk);
if (result.hasError) throw new Error(result.message);
if (result.addressRemote.includes(atob('c3BlZWQuY2xvdWRmbGFyZS5jb20='))) throw new Error('Access');
const vlessRespHeader = new Uint8Array([result.vlessVersion[0], 0]);
const rawClientData = chunk.slice(result.rawDataIndex);
if (result.isUDP) {
if (result.portRemote === 53) {
isDns = true;
const { write } = await handleUDPOutBound(serverWS, vlessRespHeader);
udpStreamWrite = write;
udpStreamWrite(rawClientData);
return;
} else {
throw new Error('UDP代理仅支持DNS(端口53)');
}
}
async function connectAndWrite(address, port) {
const tcpSocket = await connect({ hostname: address, port: port }, { allowHalfOpen: true });
remoteSocket = tcpSocket;
const writer = tcpSocket.writable.getWriter();
await writer.write(rawClientData);
writer.releaseLock();
return tcpSocket;
}
async function connectAndWriteSocks(address, port) {
const tcpSocket = enableSocks === 'socks5'
? await socks5Connect(result.addressType, address, port, parsedSocks5Address)
: await httpConnect(result.addressType, address, port, parsedSocks5Address);
remoteSocket = tcpSocket;
const writer = tcpSocket.writable.getWriter();
await writer.write(rawClientData);
writer.releaseLock();
return tcpSocket;
}
async function retry() {
try {
let tcpSocket;
if (enableSocks === 'socks5') {
tcpSocket = await socks5Connect(result.addressType, result.addressRemote, result.portRemote, parsedSocks5Address);
} else if (enableSocks === 'http') {
tcpSocket = await httpConnect(result.addressType, result.addressRemote, result.portRemote, parsedSocks5Address);
} else {
const proxyConfig = await getProxyConfiguration(request.cf && request.cf.colo, result.addressRemote, result.portRemote, ProxyIP, ProxyPort);
tcpSocket = await connect({ hostname: proxyConfig.ip, port: proxyConfig.port }, { allowHalfOpen: true });
}
remoteSocket = tcpSocket;
const writer = tcpSocket.writable.getWriter();
await writer.write(rawClientData);
writer.releaseLock();
tcpSocket.closed.catch(() => { }).finally(() => {
if (serverWS.readyState === WS_READY_STATE_OPEN) {
serverWS.close(1000, '连接已关闭');
}
});
pipeRemoteToWebSocket(tcpSocket, serverWS, vlessRespHeader, null);
} catch (err) {
closeSocket(remoteSocket);
serverWS.close(1011, '代理连接失败: ' + (err && err.message ? err.message : err));
}
}
try {
if (enableGlobalSocks) {
const tcpSocket = await connectAndWriteSocks(result.addressRemote, result.portRemote);
pipeRemoteToWebSocket(tcpSocket, serverWS, vlessRespHeader, retry);
} else {
const tcpSocket = await connectAndWrite(result.addressRemote, result.portRemote);
pipeRemoteToWebSocket(tcpSocket, serverWS, vlessRespHeader, retry);
}
} catch (err) {
closeSocket(remoteSocket);
serverWS.close(1011, '连接失败: ' + (err && err.message ? err.message : err));
}
},
close() {
if (remoteSocket) {
closeSocket(remoteSocket);
}
}
})).catch(err => {
closeSocket(remoteSocket);
serverWS.close(1011, '内部错误: ' + (err && err.message ? err.message : err));
});
return new Response(null, {
status: 101,
webSocket: clientWS,
});
}
function createWebSocketReadableStream(ws, earlyDataHeader) {
return new ReadableStream({
start(controller) {
ws.addEventListener('message', event => {
controller.enqueue(event.data);
});
ws.addEventListener('close', () => {
controller.close();
});
ws.addEventListener('error', err => {
controller.error(err);
});
if (earlyDataHeader) {
try {
const decoded = atob(earlyDataHeader.replace(/-/g, '+').replace(/_/g, '/'));
const data = Uint8Array.from(decoded, c => c.charCodeAt(0));
controller.enqueue(data.buffer);
} catch (e) {
}
}
}
});
}
// 只允许固定UUID
function parseVLESSHeader(buffer) {
if (buffer.byteLength < 24) {
return { hasError: true, message: '无效的头部长度' };
}
const view = new DataView(buffer);
const version = new Uint8Array(buffer.slice(0, 1));
const uuid = formatUUID(new Uint8Array(buffer.slice(1, 17)));
if (FIXED_UUID && uuid !== FIXED_UUID) {
return { hasError: true, message: '无效的用户' };
}
const optionsLength = view.getUint8(17);
const command = view.getUint8(18 + optionsLength);
let isUDP = false;
if (command === 1) {
} else if (command === 2) {
isUDP = true;
} else {
return { hasError: true, message: '不支持的命令,仅支持TCP(01)和UDP(02)' };
}
let offset = 19 + optionsLength;
const port = view.getUint16(offset);
offset += 2;
const addressType = view.getUint8(offset++);
let address = '';
switch (addressType) {
case 1:
address = Array.from(new Uint8Array(buffer.slice(offset, offset + 4))).join('.');
offset += 4;
break;
case 2:
const domainLength = view.getUint8(offset++);
address = new TextDecoder().decode(buffer.slice(offset, offset + domainLength));
offset += domainLength;
break;
case 3:
const ipv6 = [];
for (let i = 0; i < 8; i++) {
ipv6.push(view.getUint16(offset).toString(16).padStart(4, '0'));
offset += 2;
}
address = ipv6.join(':').replace(/(^|:)0+(\w)/g, '$1$2');
break;
default:
return { hasError: true, message: '不支持的地址类型' };
}
return {
hasError: false,
addressRemote: address,
portRemote: port,
rawDataIndex: offset,
vlessVersion: version,
isUDP,
addressType
};
}
function pipeRemoteToWebSocket(remoteSocket, ws, vlessHeader, retry = null) {
let headerSent = false;
let hasIncomingData = false;
remoteSocket.readable.pipeTo(new WritableStream({
write(chunk) {
hasIncomingData = true;
if (ws.readyState === WS_READY_STATE_OPEN) {
if (!headerSent) {
const combined = new Uint8Array(vlessHeader.byteLength + chunk.byteLength);
combined.set(new Uint8Array(vlessHeader), 0);
combined.set(new Uint8Array(chunk), vlessHeader.byteLength);
ws.send(combined.buffer);
headerSent = true;
} else {
ws.send(chunk);
}
}
},
close() {
if (!hasIncomingData && retry) {
retry();
return;
}
if (ws.readyState === WS_READY_STATE_OPEN) {
ws.close(1000, '正常关闭');
}
},
abort() {
closeSocket(remoteSocket);
}
})).catch(err => {
closeSocket(remoteSocket);
if (ws.readyState === WS_READY_STATE_OPEN) {
ws.close(1011, '数据传输错误');
}
});
}
function closeSocket(socket) {
if (socket) {
try {
socket.close();
} catch (e) {
}
}
}
function formatUUID(bytes) {
const hex = Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('');
return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
}
function socks5AddressParser(address) {
// 使用 "@" 分割地址,分为认证部分和服务器地址部分
const lastAtIndex = address.lastIndexOf("@");
let [latter, former] = lastAtIndex === -1 ? [address, undefined] : [address.substring(lastAtIndex + 1), address.substring(0, lastAtIndex)];
let username, password, hostname, port;
// 如果存在 former 部分,说明提供了认证信息
if (former) {
const formers = former.split(":");
if (formers.length !== 2) {
throw new Error('无效的 SOCKS 地址格式:认证部分必须是 "username:password" 的形式');
}
[username, password] = formers;
}
// 解析服务器地址部分
const latters = latter.split(":");
// 检查是否是IPv6地址带端口格式 [xxx]:port
if (latters.length > 2 && latter.includes("]:")) {
// IPv6地址带端口格式:[2001:db8::1]:8080
port = Number(latter.split("]:")[1].replace(/[^\d]/g, ''));
hostname = latter.split("]:")[0] + "]"; // 正确提取hostname部分
} else if (latters.length === 2) {
// IPv4地址带端口或域名带端口
port = Number(latters.pop().replace(/[^\d]/g, ''));
hostname = latters.join(":");
} else {
port = 80;
hostname = latter;
}
if (isNaN(port)) {
throw new Error('无效的 SOCKS 地址格式:端口号必须是数字');
}
// 处理 IPv6 地址的特殊情况
// IPv6 地址包含多个冒号,所以必须用方括号括起来,如 [2001:db8::1]
const regex = /^\[.*\]$/;
if (hostname.includes(":") && !regex.test(hostname)) {
throw new Error('无效的 SOCKS 地址格式:IPv6 地址必须用方括号括起来,如 [2001:db8::1]');
}
//if (/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(hostname)) hostname = `${atob('d3d3Lg==')}${hostname}${atob('LmlwLjA5MDIyNy54eXo=')}`;
// 返回解析后的结果
return {
username, // 用户名,如果没有则为 undefined
password, // 密码,如果没有则为 undefined
hostname, // 主机名,可以是域名、IPv4 或 IPv6 地址
port, // 端口号,已转换为数字类型
}
}
// 修正socks5Connect函数,不再引用parsedSocks5Address
async function socks5Connect(addressType, addressRemote, portRemote, socks5Address) {
const { username, password, hostname, port } = socks5Address;
const socket = connect({
hostname,
port,
});
const socksGreeting = new Uint8Array([5, 2, 0, 2]);
const writer = socket.writable.getWriter();
await writer.write(socksGreeting);
const reader = socket.readable.getReader();
const encoder = new TextEncoder();
let res = (await reader.read()).value;
if (res[0] !== 0x05) {
throw new Error(`socks server version error: ${res[0]} expected: 5`);
}
if (res[1] === 0xff) {
throw new Error("no acceptable methods");
}
if (res[1] === 0x02) {
if (!username || !password) {
throw new Error("please provide username/password");
}
const authRequest = new Uint8Array([
1,
username.length,
...encoder.encode(username),
password.length,
...encoder.encode(password)
]);
await writer.write(authRequest);
res = (await reader.read()).value;
if (res[0] !== 0x01 || res[1] !== 0x00) {
throw new Error("fail to auth socks server");
}
}
let DSTADDR;
switch (addressType) {
case 1:
DSTADDR = new Uint8Array(
[1, ...addressRemote.split('.').map(Number)]
);
break;
case 2:
DSTADDR = new Uint8Array(
[3, addressRemote.length, ...encoder.encode(addressRemote)]
);
break;
case 3:
DSTADDR = new Uint8Array(
[4, ...addressRemote.split(':').flatMap(x => [parseInt(x.slice(0, 2), 16), parseInt(x.slice(2), 16)])]
);
break;
default:
throw new Error(`invalid addressType is ${addressType}`);
}
const socksRequest = new Uint8Array([5, 1, 0, ...DSTADDR, portRemote >> 8, portRemote & 0xff]);
await writer.write(socksRequest);
res = (await reader.read()).value;
if (res[1] === 0x00) {
} else {
throw new Error("fail to open socks connection");
}
writer.releaseLock();
reader.releaseLock();
return socket;
}
async function httpConnect(addressType, addressRemote, portRemote, socks5Address) {
const { username, password, hostname, port } = socks5Address;
const sock = await connect({
hostname: hostname,
port: port
});
// 构建HTTP CONNECT请求
let connectRequest = `CONNECT ${addressRemote}:${portRemote} HTTP/1.1\r\n`;
connectRequest += `Host: ${addressRemote}:${portRemote}\r\n`;
// 添加代理认证(如果需要)
if (username && password) {
const authString = `${username}:${password}`;
const base64Auth = btoa(authString);
connectRequest += `Proxy-Authorization: Basic ${base64Auth}\r\n`;
}
connectRequest += `User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36\r\n`;
connectRequest += `Proxy-Connection: Keep-Alive\r\n`;
connectRequest += `Connection: Keep-Alive\r\n`; // 添加标准 Connection 头
connectRequest += `\r\n`;
try {
// 发送连接请求
const writer = sock.writable.getWriter();
await writer.write(new TextEncoder().encode(connectRequest));
writer.releaseLock();
} catch (err) {
console.error('发送HTTP CONNECT请求失败:', err);
throw new Error(`发送HTTP CONNECT请求失败: ${err.message}`);
}
// 读取HTTP响应
const reader = sock.readable.getReader();
let respText = '';
let connected = false;
let responseBuffer = new Uint8Array(0);
try {
while (true) {
const { value, done } = await reader.read();
if (done) {
console.error('HTTP代理连接中断');
throw new Error('HTTP代理连接中断');
}
// 合并接收到的数据
const newBuffer = new Uint8Array(responseBuffer.length + value.length);
newBuffer.set(responseBuffer);
newBuffer.set(value, responseBuffer.length);
responseBuffer = newBuffer;
// 将收到的数据转换为文本
respText = new TextDecoder().decode(responseBuffer);
// 检查是否收到完整的HTTP响应头
if (respText.includes('\r\n\r\n')) {
// 分离HTTP头和可能的数据部分
const headersEndPos = respText.indexOf('\r\n\r\n') + 4;
const headers = respText.substring(0, headersEndPos);
// 检查响应状态
if (headers.startsWith('HTTP/1.1 200') || headers.startsWith('HTTP/1.0 200')) {
connected = true;
// 如果响应头之后还有数据,我们需要保存这些数据以便后续处理
if (headersEndPos < responseBuffer.length) {
const remainingData = responseBuffer.slice(headersEndPos);
// 创建一个缓冲区来存储这些数据,以便稍后使用
const dataStream = new ReadableStream({
start(controller) {
controller.enqueue(remainingData);
}
});
// 创建一个新的TransformStream来处理额外数据
const { readable, writable } = new TransformStream();
dataStream.pipeTo(writable).catch(err => console.error('处理剩余数据错误:', err));
// 替换原始readable流
// @ts-ignore
sock.readable = readable;
}
} else {
const errorMsg = `HTTP代理连接失败: ${headers.split('\r\n')[0]}`;
console.error(errorMsg);
throw new Error(errorMsg);
}
break;
}
}
} catch (err) {
reader.releaseLock();
throw new Error(`处理HTTP代理响应失败: ${err.message}`);
}
reader.releaseLock();
if (!connected) {
throw new Error('HTTP代理连接失败: 未收到成功响应');
}
return sock;
}
async function handleUDPOutBound(webSocket, vlessResponseHeader) {
let isVlessHeaderSent = false;
const transformStream = new TransformStream({
start(controller) {
},
transform(chunk, controller) {
for (let index = 0; index < chunk.byteLength;) {
const lengthBuffer = chunk.slice(index, index + 2);
const udpPacketLength = new DataView(lengthBuffer).getUint16(0);
const udpData = new Uint8Array(
chunk.slice(index + 2, index + 2 + udpPacketLength)
);
index = index + 2 + udpPacketLength;
controller.enqueue(udpData);
}
},
flush(controller) {
}
});
transformStream.readable.pipeTo(new WritableStream({
async write(chunk) {
const resp = await fetch('https://1.1.1.1/dns-query',
{
method: 'POST',
headers: {
'content-type': 'application/dns-message',
},
body: chunk,
})
const dnsQueryResult = await resp.arrayBuffer();
const udpSize = dnsQueryResult.byteLength;
const udpSizeBuffer = new Uint8Array([(udpSize >> 8) & 0xff, udpSize & 0xff]);
if (webSocket.readyState === WS_READY_STATE_OPEN) {
if (isVlessHeaderSent) {
webSocket.send(await new Blob([udpSizeBuffer, dnsQueryResult]).arrayBuffer());
} else {
webSocket.send(await new Blob([vlessResponseHeader, udpSizeBuffer, dnsQueryResult]).arrayBuffer());
isVlessHeaderSent = true;
}
}
}
})).catch((error) => {
});
const writer = transformStream.writable.getWriter();
return {
write(chunk) {
writer.write(chunk);
}
};
}
// ========== 必要常量和依赖 ==========
const WS_READY_STATE_OPEN = 1;
import { connect } from 'cloudflare:sockets';
async function getProxyConfiguration(colo, addressRemote, portRemote, ProxyIP, ProxyPort) {
if (ProxyIP.includes(']:')) {
ProxyPort = ProxyIP.split(']:')[1] || ProxyPort;
ProxyIP = ProxyIP.split(']:')[0] + "]" || ProxyIP;
} else if (ProxyIP.split(':').length === 2) {
ProxyPort = ProxyIP.split(':')[1] || ProxyPort;
ProxyIP = ProxyIP.split(':')[0] || ProxyIP;
}
if (ProxyIP.includes('.tp')) ProxyPort = ProxyIP.split('.tp')[1].split('.')[0] || ProxyPort;
return { ip: ProxyIP || addressRemote, port: ProxyPort || portRemote };
}代码依旧需要修改自己的UUID
在客户端(如 v2rayN)中手动配置一个 VLESS 节点
在 v2rayN 中,参照下图填写必要的连接参数:
别名:为你的节点设置一个自定义名称。
UUID:必须填写你之前在源码中设置的那个 UUID。如果未设置,则可以随意生成。
地址 / 端口:地址填写你上面设置的子域名,端口填写
443。也可以使用优选域名。传输协议:选择 ws (WebSocket)。
伪装域名:填写你上面设置的子域名。
路径:
你可能会发现,使用 Cloudflare 部署的节点无法打开某些网站,这通常是因为目标网站也使用了 Cloudflare CDN。
为了解决这个问题,CM 大佬内建了一个巧妙的功能:通过在路径中加入一个 proxyip 参数,来指定一个“代理IP”绕过访问限制。
你只需将下方参数附加到路径中即可。如果你有访问速度更快的 proxyip,也可以自行替换。此方法仅针对上述CM佬 与 白嫖哥 源码,其他版本请自行测试。(白嫖哥源码格式: /ip=IP地址)
/ip=proxyip.fxxk.dedyn.io
/proxyip=proxyip.fxxk.dedyn.io
/pyip=proxyip.fxxk.dedyn.io传输层安全:选择 tls。
SNI:填写你上面设置的-子域名。
跳过证书验证:选择 true。
VLESS节点基础配置
VLESS节点传输配置
填写完毕后,点击 确定 保存配置。
测试连接
回到 v2rayN 主界面,右键点击刚刚创建的节点。
选择 测试服务器真连接延迟。
如果延迟测试成功并显示数值,则表示节点已经可以正常使用。
测试节点真连接延迟
添加优选订阅
你亲手创建的 VLESS 节点虽然只有一个,但它的潜力远不止于此。通过 Cloudflare 的“节点优选”技术,我们可以将这个单节点“裂变”成包含数百个高速 IP 的订阅,让你的客户端自动选择当前网络环境下最快的线路。
这不仅能显著提升连接速度和稳定性,还能在遇到网络波动时自动切换,体验更佳。
操作步骤:
获取原始节点链接
在 v2rayN 中,右键点击我们刚刚创建并测试成功的 VLESS 节点,选择“复制分享链接”,获取到vless://...格式的链接。生成优选订阅
打开 优选订阅生成器 网站:https://zrf.zrf.me/在 “节点链接” 输入框中,粘贴 刚刚复制的
vless://链接。点击 “生成优选订阅” 按钮。
复制生成的订阅链接
页面会生成一条全新的 优选订阅地址。这条地址就是我们最终的“成果”,它内部包含了大量经过优选的 Cloudflare IP 节点。请完整复制它。生成优选订阅
更进一步:聚合多个优选订阅
一个优选订阅器还不够?没问题!网络上有多位大佬都在维护各自的优选订阅服务,你可以将它们全部利用起来。
访问 CloudFlare 优选订阅器汇总 页面。
将你的
vless://链接分别粘贴到列表中的多个订阅器里,生成多条不同的优选订阅链接。将所有这些生成的优选订阅链接,全部 添加到你的 MiSub 的“订阅”列表中。
通过这种方式,你的 MiSub 就成了一个强大的“超级优选聚合器”,节点多到用不完,真正实现网络自由
评论区