hiddifypanel 10.85.0b21__py3-none-any.whl → 10.86.0b2__py3-none-any.whl

hiddifypanel/VERSION

@@ -1 +1 @@
-10.85.0b21
+10.86.0b2

hiddifypanel/VERSION.py

@@ -1,6 +1,6 @@
 # import importlib.metadata
 from datetime import datetime
 
-__version__ = '10.85.0b21'
-__release_time__= datetime.strptime('2025-07-03T11:00:05','%Y-%m-%dT%H:%M:%S')
+__version__ = '10.86.0b2'
+__release_time__= datetime.strptime('2025-07-06T19:45:39','%Y-%m-%dT%H:%M:%S')
 is_released_version=True

hiddifypanel/hutils/network/auto_ip_selector.py

@@ -38,10 +38,10 @@ apt.ircf.space		APT
 """
 
 try:
-   
+
     IPASN = maxminddb.open_database('GeoLite2-ASN.mmdb')
     IPCOUNTRY = maxminddb.open_database('GeoLite2-Country.mmdb')
-    # __ipcity = maxminddb.open_database('GeoLite2-City.mmdb') 
+    # __ipcity = maxminddb.open_database('GeoLite2-City.mmdb')
 except BaseException as e:
     logger.error("Error can not load maxminddb")
     IPASN = {}
@@ -163,12 +163,23 @@ def __get_host_base_on_asn(ips: Union[str, List[str]], asn_short: str) -> str:
     return selected
 
 
-def get_clean_ip(ips: Union[str, List[str]], resolve: bool = False, default_asn: str = '') -> str:
-    if not ips:
-        ips = DEFAULT_IPs
-
-    ips = re.split('[ \t\r\n;,]+', ips.strip())
+def get_clean_ip(ips: Union[str, List[str]], resolve: bool = False) -> str:
     user_ip = get_real_user_ip()
+    default_asn = request.args.get("asn", '')
+    return get_clean_ip_user(user_ip, ips, default_asn)
+
+
+split_pattern = re.compile(r'[ \t\r\n;,]+')
+
+
+@cache.cache(300)
+def get_clean_ip_user(user_ip, ipliststr: str, default_asn: str = '') -> tuple[str, str]:
+    ipliststr = ipliststr.strip()
+    if not ipliststr:
+        ipliststr = DEFAULT_IPs.strip()
+
+    ips = split_pattern.split(ipliststr)
+
     asn_short = get_asn_short_name(user_ip)
     country = get_country(user_ip)
     # print("Real user ip",get_real_user_ip_debug(), user_ip,asn_short,country)
@@ -181,6 +192,4 @@ def get_clean_ip(ips: Union[str, List[str]], resolve: bool = False, default_asn:
     else:
         selected_server = random.sample(ips, 1)[0]
     # print("selected_server",selected_server)
-    if resolve:
-        selected_server = hutils.network.get_domain_ip(selected_server) or selected_server
-    return str(selected_server)
+    return str(selected_server), asn_short

hiddifypanel/hutils/network/net.py

@@ -20,7 +20,7 @@ from hiddifypanel.models import *
 from hiddifypanel.cache import cache
 
 
-def get_domain_ip(domain: str, retry: int = 3, version: Literal[4, 6] | None = None) -> Union[ipaddress.IPv4Address, ipaddress.IPv6Address, None]:
+def get_domain_ip_old(domain: str, retry: int = 3, version: Literal[4, 6] | None = None) -> Union[ipaddress.IPv4Address, ipaddress.IPv6Address, None]:
     res = None
     if not version:
         try:
@@ -41,14 +41,28 @@ def get_domain_ip(domain: str, retry: int = 3, version: Literal[4, 6] | None = N
         except BaseException:
             pass
 
-    if retry <= 0:
-        return None
-    if not res:
-        return get_domain_ip(domain, retry=retry - 1, version=version)
+    if retry > 0:
+        return get_domain_ip_old(domain, retry=retry - 1, version=version)
 
+    if not res:
+        return None
     return ipaddress.ip_address(res)
 
 
+def get_domain_ip(domain: str, retry: int = 3, version: Literal[4, 6] | None = None) -> Union[ipaddress.IPv4Address, ipaddress.IPv6Address, None]:
+    ips=get_domain_ips_cached(domain)
+    ips=[ip for ip in ips if version==None or (version==4 and isinstance(ip,ipaddress.IPv4Address)) or  (version==6 and isinstance(ip,ipaddress.IPv6Address)) ]
+    if ips:
+        return random.sample(ips,1)[0]
+    return get_domain_ip_old(domain,0)
+
+@cache.cache(300)
+def get_domain_ips_cached(domain: str, retry: int = 3) -> Set[Union[ipaddress.IPv4Address, ipaddress.IPv6Address]]:
+    try:
+        return set(ipaddress.ip_address(domain))
+    except:
+        return get_domain_ips(domain,retry)
+
 def get_domain_ips(domain: str, retry: int = 3) -> Set[Union[ipaddress.IPv4Address, ipaddress.IPv6Address]]:
     res = set()
     if retry < 0:
@@ -171,6 +185,12 @@ def get_ip(version: Literal[4, 6], retry: int = 5) -> ipaddress.IPv4Address | ip
     return ip
 
 
+def get_random_user_agent():
+    
+    uas = requests.get('https://cdn.jsdelivr.net/gh/microlinkhq/top-user-agents@master/src/index.json').json()
+    if uas:
+        return random.sample(uas,1)[0]
+    return 
 def get_random_domains(count: int = 1, retry: int = 3) -> List[str]:
     try:
         irurl = "https://api.ooni.io/api/v1/measurements?probe_cc=IR&test_name=web_connectivity&anomaly=false&confirmed=false&failure=false&order_by=test_start_time&limit=1000"

hiddifypanel/hutils/proxy/clash.py

@@ -155,7 +155,7 @@ def to_clash(proxy, meta_or_normal):
             base["ws-opts"]["headers"] = {"Host": proxy["host"]}
 
     if base["network"] == "tcp" and proxy['alpn'] != 'h2':
-        if proxy['transport'] != ProxyTransport.XTLS:
+        if proxy['transport'] != ProxyL3.reality:
             base["network"] = "http"
 
         if "path" in proxy:

hiddifypanel/hutils/proxy/shared.py

@@ -11,11 +11,11 @@ from hiddifypanel.models import Proxy, ProxyProto, ProxyL3, ProxyTransport, Prox
 from hiddifypanel import hutils
 
 
-def get_ssh_hostkeys(hconfigs,dojson=False) -> list[str] | str:
+def get_ssh_hostkeys(hconfigs, dojson=False) -> list[str] | str:
     host_keys = [
         # hconfigs[ConfigEnum.ssh_host_dsa_pub],
         hconfigs[ConfigEnum.ssh_host_ed25519_pub],
-        hconfigs[ConfigEnum.ssh_host_ecdsa_pub], 
+        hconfigs[ConfigEnum.ssh_host_ecdsa_pub],
         hconfigs[ConfigEnum.ssh_host_rsa_pub],
     ]
     if dojson:
@@ -28,13 +28,13 @@ def is_proxy_valid(proxy: Proxy, domain_db: Domain, port: int) -> dict | None:
     l3 = proxy.l3
     if not port:
         return {'name': name, 'msg': "port not defined", 'type': 'error', 'proto': proxy.proto}
-    if "reality" not in l3 and domain_db.mode == DomainType.reality:
+    if "reality" not in l3 and 'reality' in domain_db.mode:
         return {'name': name, 'msg': "reality proxy not in reality domain", 'type': 'debug', 'proto': proxy.proto}
 
-    if "reality" in l3 and domain_db.mode != DomainType.reality:
+    if "reality" in l3 and 'reality' not in domain_db.mode:
         return {'name': name, 'msg': "reality proxy not in reality domain", 'type': 'debug', 'proto': proxy.proto}
 
-    if "reality" in l3 and domain_db.grpc and ProxyTransport.grpc != proxy.transport:
+    if "reality" in l3 and domain_db.mode in [DomainType.special_reality_grpc] and ProxyTransport.grpc != proxy.transport:
         return {'name': name, 'msg': "reality proxy not in reality domain", 'type': 'debug', 'proto': proxy.proto}
 
     if "reality" in l3 and (not domain_db.grpc) and ProxyTransport.grpc == proxy.transport:
@@ -58,18 +58,22 @@ def is_proxy_valid(proxy: Proxy, domain_db: Domain, port: int) -> dict | None:
     if domain_db.mode == DomainType.worker and proxy.transport == ProxyTransport.grpc:
         return {'name': name, 'msg': "worker does not support grpc", 'type': 'debug', 'proto': proxy.proto}
 
-    if domain_db.mode != DomainType.old_xtls_direct and "tls" in proxy.l3 and proxy.cdn == ProxyCDN.direct and proxy.transport in [ProxyTransport.tcp, ProxyTransport.XTLS]:
-        return {'name': name, 'msg': "only  old_xtls_direct  support this", 'type': 'debug', 'proto': proxy.proto}
+    if domain_db.mode == DomainType.old_xtls_direct:
+        return {'name': name, 'msg': "unsupported", 'type': 'debug', 'proto': proxy.proto}
+    # if domain_db.mode != DomainType.old_xtls_direct and "tls" in proxy.l3 and proxy.cdn == ProxyCDN.direct and proxy.transport in [ProxyTransport.tcp, ProxyTransport.XTLS]:
+        # return {'name': name, 'msg': "only  old_xtls_direct  support this", 'type': 'debug', 'proto': proxy.proto}
 
     if proxy.proto == "trojan" and not is_tls(l3):
         return {'name': name, 'msg': "trojan but not tls", 'type': 'warning', 'proto': proxy.proto}
 
-    if l3 == "http" and ProxyTransport.XTLS in proxy.transport:
-        return {'name': name, 'msg': "http and xtls???", 'type': 'warning', 'proto': proxy.proto}
+    # if l3 == "http" and ProxyTransport.XTLS in proxy.transport:
+    #     return {'name': name, 'msg': "http and xtls???", 'type': 'warning', 'proto': proxy.proto}
 
     if l3 == "http" and proxy.proto in [ProxyProto.ss, ProxyProto.ssr]:
         return {'name': name, 'msg': "http and ss or ssr???", 'type': 'warning', 'proto': proxy.proto}
 
+    return 
+
 
 def get_port(proxy: Proxy, hconfigs: dict, domain_db: Domain, ptls: int, phttp: int, pport: int | None) -> int:
     l3 = proxy.l3
@@ -235,6 +239,70 @@ def get_valid_proxies(domains: list[Domain]) -> list[dict]:
     return allp
 
 
+def random_or_none(inp: list):
+    if not inp:
+        return
+    return random.sample(inp, 1)[0]
+
+
+split_pattern = re.compile(r'[ \t\r\n;,]+')
+
+
+def sni_host_server_extractor(domain_db: Domain, hconfigs):
+    
+    server=sni=host = domain_db.domain.replace("*", hutils.random.get_random_string(5, 15))
+    is_cdn = domain_db.mode in [DomainType.cdn, DomainType.auto_cdn_ip]
+    if auto_ip:=domain_db.auto_cdn_ip():
+        server=auto_ip
+    elif 'special' in domain_db.mode.value or domain_db.mode in [DomainType.fake]:
+        server=hutils.network.get_direct_host_or_ip(4)
+    
+    if hconfig(ConfigEnum.use_ip_in_config):
+        server = random_or_none(hutils.network.get_domain_ips_cached(server)) or server
+
+    
+    allow_insecure=not domain_db.need_valid_ssl
+    if all_snis := split_pattern.split((domain_db.servernames or "").strip()):
+        sni = random_or_none(all_snis) or sni
+        if 'reality' in domain_db.mode:
+            allow_insecure=False
+            if hconfigs[ConfigEnum.core_type] == "singbox": #TODO
+                sni = all_snis[0]
+            
+        else: 
+            allow_insecure=True
+
+    base = {
+        'sni': sni,
+        'host': host,
+        'server': server,
+        'mode': domain_db.mode,
+        'allow_insecure': allow_insecure,
+        'cdn': is_cdn,
+    }
+    if 'reality' in domain_db.mode:
+        base['reality_short_id'] = random.sample(hconfigs[ConfigEnum.reality_short_ids].split(','), 1)[0]
+        # base['flow']="xtls-rprx-vision"
+        base['reality_pbk'] = hconfigs[ConfigEnum.reality_public_key]
+        # del base['host']
+
+        # if not domain_db.cdn_ip:
+        #     base['server']=hiddify.get_domain_ip(base['server'])
+
+    return base
+
+def put_default_header(parmas:dict):
+    
+    if not isinstance(parmas.get('headers'),dict):
+        parmas['headers']={}
+        
+    if not parmas['headers'].get('User-Agent'):
+        parmas['headers']['User-Agent']=hconfig(ConfigEnum.default_useragent_string)
+    if not parmas['headers'].get('Pragma'):
+        parmas['headers']['Pragma']="no-cache"
+    
+
+
 def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=443, pport: int | None = None) -> dict:
 
     l3 = proxy.l3
@@ -254,17 +322,19 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         if proxy.l3 in [ProxyL3.h3_quic]:
             alpn = "h3"
 
-    cdn_forced_host = domain_db.cdn_ip or (domain_db.domain if domain_db.mode != DomainType.reality else hutils.network.get_direct_host_or_ip(4))
-    is_cdn = ProxyCDN.CDN == proxy.cdn or ProxyCDN.Fake == proxy.cdn
+    # cdn_forced_host = domain_db.cdn_ip or (domain_db.domain if domain_db.mode != DomainType.reality else hutils.network.get_direct_host_or_ip(4))
+    # is_cdn = ProxyCDN.CDN == proxy.cdn or ProxyCDN.Fake == proxy.cdn
+    domain_data=sni_host_server_extractor(domain_db, hconfigs)
     base = {
+        **domain_data,
         'name': name,
-        'cdn': is_cdn,
-        'mode': "CDN" if is_cdn else "direct",
+        # 'cdn': is_cdn,
+        # 'mode': "CDN" if is_cdn else "direct",
         'l3': l3,
-        'host': domain,
+        # 'host': domain,
         'port': port,
-        'server': cdn_forced_host,
-        'sni': domain_db.servernames if is_cdn and domain_db.servernames else domain,
+        # 'server': cdn_forced_host,
+        # 'sni': domain_db.servernames if is_cdn and domain_db.servernames else domain,
         'uuid': str(g.account.uuid),
         'proto': proxy.proto,
         'transport': proxy.transport,
@@ -272,10 +342,29 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         'alpn': alpn,
         'extra_info': f'{domain_db.alias or domain}',
         'fingerprint': hconfigs[ConfigEnum.utls],
-        'allow_insecure': domain_db.mode == DomainType.fake or "Fake" in proxy.cdn,
+        # 'allow_insecure': domain_db.mode == DomainType.fake or "Fake" in proxy.cdn,
         'dbe': proxy,
-        'dbdomain': domain_db
+        'dbdomain': domain_db,
+        'params': proxy.params or {},
     }
+    put_default_header(base['params'])
+
+    
+    if domain_db.download_domain:
+        base['download'] = sni_host_server_extractor(domain_db.download_domain,hconfigs)
+    else:
+        base['download']=domain_data
+        
+    if 'download' not in base['params']:
+        base['params']['download']={}
+    base['download']['params']=base['params']['download']
+    put_default_header(base['download']['params'])
+
+    base['download']['alpn']=base['params']['download'].get('alpn',alpn)
+
+        
+
+            
     if proxy.proto in ['tuic', 'hysteria2']:
         base['alpn'] = "h3"
         if proxy.proto == 'hysteria2':
@@ -297,36 +386,8 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
     if proxy.proto in [ProxyProto.vmess]:
         base['cipher'] = "auto"  # "chacha20-poly1305"
 
-    if l3 in ['reality']:
-        base['reality_short_id'] = random.sample(hconfigs[ConfigEnum.reality_short_ids].split(','), 1)[0]
-        # base['flow']="xtls-rprx-vision"
-        base['reality_pbk'] = hconfigs[ConfigEnum.reality_public_key]
-        if (domain_db.servernames):
-            all_servernames = re.split('[ \t\r\n;,]+', domain_db.servernames)
-            base['sni'] = random.sample(all_servernames, 1)[0]
-            if hconfigs[ConfigEnum.core_type] == "singbox":
-                base['sni'] = all_servernames[0]
-        else:
-            base['sni'] = domain_db.domain
-
-        del base['host']
-        if base.get('fingerprint'):
-            base['fingerprint'] = hconfigs[ConfigEnum.utls]
-        # if not domain_db.cdn_ip:
-        #     base['server']=hiddify.get_domain_ip(base['server'])
-
-    if "Fake" in proxy.cdn:
-        if not hconfigs[ConfigEnum.domain_fronting_domain]:
-            return {'name': name, 'msg': "no domain_fronting_domain", 'type': 'debug', 'proto': proxy.proto}
-        if l3 == "http" and not hconfigs[ConfigEnum.domain_fronting_http_enable]:
-            return {'name': name, 'msg': "no http in domain_fronting_domain", 'type': 'debug', 'proto': proxy.proto}
-        if l3 == "tls" and not hconfigs[ConfigEnum.domain_fronting_tls_enable]:
-            return {'name': name, 'msg': "no tls in domain_fronting_domain", 'type': 'debug', 'proto': proxy.proto}
-        base['server'] = hconfigs[ConfigEnum.domain_fronting_domain]
-        base['sni'] = hconfigs[ConfigEnum.domain_fronting_domain]
-        # base["host"]=domain
-        base['mode'] = 'Fake'
-    elif l3 == "http" and not hconfigs[ConfigEnum.http_proxy_enable]:
+    
+    if l3 == "http" and not hconfigs[ConfigEnum.http_proxy_enable]:
         return {'name': name, 'msg': "http but http is disabled ", 'type': 'debug', 'proto': proxy.proto}
 
     path = {
@@ -361,7 +422,7 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         return base
     elif "shadowsocks" in proxy.transport:
         return base
-    if proxy.l3 in [ProxyL3.reality] and  proxy.transport in [ProxyTransport.XTLS,ProxyTransport.xhttp]:
+    if proxy.l3 in [ProxyL3.reality] and proxy.transport in [ProxyTransport.tcp]:
         base['flow'] = 'xtls-rprx-vision'
         return {**base, 'transport': 'tcp'}
 
@@ -380,7 +441,7 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
                 base['mux_brutal_up_mbps'] = hconfigs.get(ConfigEnum.mux_brutal_up_mbps, 10)
                 base['mux_brutal_down_mbps'] = hconfigs.get(ConfigEnum.mux_brutal_down_mbps, 10)
 
-    if is_cdn and proxy.proto in {'vless', 'trojan', "vmess"}:
+    if base['cdn'] and proxy.proto in {'vless', 'trojan', "vmess"}:
         if hconfigs[ConfigEnum.tls_fragment_enable] and "tls" in base["l3"]:
             base["tls_fragment_enable"] = True
             base["tls_fragment_size"] = hconfigs[ConfigEnum.tls_fragment_size]
@@ -402,6 +463,7 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         base['transport'] = 'tcp'
         base['path'] = f'/{path[base["proto"]]}{hconfigs[ConfigEnum.path_tcp]}'
         return base
+    
     if proxy.transport in ["ws", "WS"]:
         base['transport'] = 'ws'
         base['path'] = f'/{path[base["proto"]]}{hconfigs[ConfigEnum.path_ws]}'
@@ -413,14 +475,14 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         base['path'] = f'/{path[base["proto"]]}{hconfigs[ConfigEnum.path_httpupgrade]}'
         base["host"] = domain
         return base
+    
     if proxy.transport in [ProxyTransport.xhttp]:
         base['transport'] = 'xhttp'
         base['path'] = f'/{path[base["proto"]]}{hconfigs[ConfigEnum.path_xhttp]}'
-        # if 0 and 'h2' in base['alpn'] or 'h3' in base['alpn']:
-        #     base['path'] += "2"
-        # else:
-        #     base['path'] += "1"
-        base["host"] = domain
+        base['xhttp_mode']=base['params'].get('mode',"auto")
+        if dl:=base.get('download'):
+            dl['path']=base['path']
+            dl['xhttp_mode']=dl['params'].get('mode',"auto")
         return base
 
     if proxy.transport == "grpc":
@@ -437,7 +499,7 @@ def make_proxy(hconfigs: dict, proxy: Proxy, domain_db: Domain, phttp=80, ptls=4
         return base
     if ProxyProto.ssh == proxy.proto:
         base['private_key'] = g.account.ed25519_private_key
-        base['host_keys'] = hutils.proxy.get_ssh_hostkeys(hconfigs,False)
+        base['host_keys'] = hutils.proxy.get_ssh_hostkeys(hconfigs, False)
         # base['ssh_port'] = hconfig(ConfigEnum.ssh_server_port)
         return base
     return {'name': name, 'msg': 'not valid', 'type': 'error', 'proto': proxy.proto}

hiddifypanel/hutils/proxy/xray.py

@@ -4,7 +4,7 @@ from flask import request, g
 from hiddifypanel import hutils
 from hiddifypanel.models import ProxyTransport, ProxyL3, ProxyProto, Domain, User, ConfigEnum, hconfig
 from flask_babel import gettext as _
-
+from urllib.parse import urlencode,quote
 OUTBOUND_LEVEL = 8
 
 
@@ -43,16 +43,18 @@ def to_link(proxy: dict) -> str | dict:
                       "host": proxy.get("host", ""),
                       "alpn": proxy.get("alpn", "h2,http/1.1"),
                       "path": proxy["path"] if "path" in proxy else "",
-                      "tls": "tls" if "tls" in proxy["l3"] else "",
+                      "tls": "tls" if "tls" in proxy["l3"] or "quic" in proxy['l3'] else "",
                       "sni": proxy["sni"],
                       "fp": proxy["fingerprint"]
                       }
-
+        
         if 'reality' in proxy["l3"]:
             vmess_data['tls'] = "reality"
             vmess_data['pbk'] = proxy['reality_pbk']
             vmess_data['sid'] = proxy['reality_short_id']
-
+        if proxy.get('transport') in {ProxyTransport.xhttp}:
+            vmess_data['core']='xray'
+            _add_xhttp_extra(vmess_data,proxy)
         add_tls_tricks_to_dict(vmess_data, proxy)
         add_mux_to_dict(vmess_data, proxy)
 
@@ -102,52 +104,72 @@ def to_link(proxy: dict) -> str | dict:
             # f'wg://{proxy["server"]}:{proxy["port"]}/?pk={proxy["wg_pk"]}&local_address={proxy["wg_ipv4"]}/32&peer_pk={proxy["wg_server_pub"]}&pre_shared_key={proxy["wg_psk"]}&workers=4&mtu=1380&reserved=0,0,0&ifp={proxy["wg_noise_trick"]}#{name_link}'
             return f'wg://{proxy["server"]}:{proxy["port"]}?publicKey={proxy["wg_pub"]}&privateKey={proxy["wg_pk"]}=&presharedKey={proxy["wg_psk"]}&ip=10.0.0.1&mtu=1380&keepalive=30&udp=1&reserved=0,0,0&ifp={proxy["wg_noise_trick"]}#{name_link}'
 
-    baseurl = f'{proxy["proto"]}://{proxy["uuid"]}@{proxy["server"]}:{proxy["port"]}?hiddify=1'
-    baseurl += f'&sni={proxy["sni"]}&type={proxy["transport"]}'
-    baseurl += f"&alpn={proxy['alpn']}"
+
+    baseurl = f'{proxy["proto"]}://{proxy["uuid"]}@{proxy["server"]}:{proxy["port"]}'
+    
+    q = {
+        'hiddify': 1,
+        'sni': proxy['sni'],
+        'type': proxy['transport'],
+        'alpn': proxy['alpn']
+    }
 
     # the ray2sing supports vless, vmess and trojan tls tricks and mux
     # the vmess handled already
 
-    baseurl += add_mux_to_link(proxy)
-    baseurl += add_tls_tricks_to_link(proxy)
-
+    add_mux_to_dict(q,proxy)
+    add_tls_tricks_to_dict(q,proxy)
+    if "path" in proxy:
+        q['path']=proxy["path"]
+    if "host" in proxy :
+        q['host']=proxy["host"]
     # infos+=f'&alpn={proxy["alpn"]}'
-    baseurl += f'&path={proxy["path"]}' if "path" in proxy else ""
-    baseurl += f'&host={proxy["host"]}' if "host" in proxy else ""
+    
     if "grpc" == proxy["transport"]:
-        baseurl += f'&serviceName={proxy["grpc_service_name"]}&mode={proxy["grpc_mode"]}'
+        q['serviceName']=proxy["grpc_service_name"]
+        q['mode']=proxy["grpc_mode"]
     # print(proxy['cdn'],proxy["transport"])
     if request.args.get("fragment"):
-        baseurl += f'&fragment=' + request.args.get("fragment")  # type: ignore
+        q['fragment']= request.args.get("fragment")  # type: ignore
     if "ws" == proxy["transport"] and proxy['cdn'] and request.args.get("fragment_v1"):
-        baseurl += f'&fragment_v1=' + request.args.get("fragment_v1")  # type: ignore
+        q['fragment_v1']= request.args.get("fragment_v1")  # type: ignore
     if 'vless' == proxy['proto']:
-        baseurl += "&encryption=none"
+        q['encryption']='none'
+
     if proxy.get('fingerprint', 'none') != 'none':
-        baseurl += "&fp=" + proxy['fingerprint']
+        q['fp']=proxy['fingerprint']
     if proxy.get('transport') in {ProxyTransport.xhttp}:
-        baseurl += "&core=xray"
+        q['core']='xray'
+        _add_xhttp_extra(q,proxy)
     if proxy['l3'] != 'quic':
         if proxy.get('l3') != ProxyL3.reality and (proxy.get('transport') in {ProxyTransport.tcp, ProxyTransport.httpupgrade, ProxyTransport.xhttp}) and proxy['proto'] in [ProxyProto.vless, ProxyProto.trojan]:
-            baseurl += '&headerType=http'
+            q['headerType']='http'
         else:
-            baseurl += '&headerType=None'
+            q['headerType']='none'
 
     if proxy['mode'] == 'Fake' or proxy['allow_insecure']:
-        baseurl += "&allowInsecure=true"
+        q['allowInsecure']='true'
+        q['insecure']='true'
     if proxy.get('flow'):
-        baseurl += f'&flow={proxy["flow"]}'
-
-    infos = f'#{name_link}'
+        q['flow']=proxy["flow"]
 
+    
     if 'reality' in proxy["l3"]:
-        return f"{baseurl}&security=reality&pbk={proxy['reality_pbk']}&sid={proxy['reality_short_id']}{infos}"
-    if 'tls' in proxy['l3'] or "quic" in proxy['l3']:
-        return f'{baseurl}&security=tls{infos}'
-    if proxy['l3'] == 'http':
-        return f'{baseurl}&security=none{infos}'
-    return proxy
+        q['security']='reality'
+        q['pbk']=proxy['reality_pbk']
+        q['sid']=proxy['reality_short_id']
+
+        
+    elif 'tls' in proxy['l3'] or "quic" in proxy['l3']:
+        q['security']='tls'
+        
+    elif proxy['l3'] == 'http':
+        q['security']='none'
+    
+    for k,v in q['params'].items():
+        if k not in q:
+            q[k]=v
+    return f"{baseurl}?{urlencode(q,quote_via=quote)}#{name_link}"
 
 
 def make_v2ray_configs(domains: list[Domain], user: User, expire_days: int, ip_debug=None) -> str:
@@ -230,13 +252,8 @@ def add_mux_to_dict(d: dict, proxy):
         d['muxdown'] = proxy["mux_brutal_down_mbps"]
 
 
-def add_tls_tricks_to_link(proxy: dict) -> str:
-    out = {}
-    add_tls_tricks_to_dict(out, proxy)
-    return hutils.encode.convert_dict_to_url(out)
-
-
-def add_mux_to_link(proxy: dict) -> str:
-    out = {}
-    add_mux_to_dict(out, proxy)
-    return hutils.encode.convert_dict_to_url(out)
+def _add_xhttp_extra(d:dict,proxy):
+    from .xrayjson import _add_xhttp_details
+    xhttp_dict={}
+    _add_xhttp_details(xhttp_dict,proxy)
+    d['extra']=json.dumps(xhttp_dict['xhttpSettings']['extra'],separators=(',', ':'))