2.0.6 (#42)

2.0.6
---
- RELEASE: v2.0.6正式版发布;祝各位新春快乐!
- CHANGE: 优化前端的连接转换逻辑
- CHANGE: 优化代码内不必要的函数化, 1.4之后, 函数化疑似有点太多了
- 优化`HTTP Client`参数
- CHANGE: 为api路由组增加no-cache标头

.github/workflows/build-dev.yml

@@ -4,7 +4,7 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - 'main'
+      - 'dev'
     paths:
       - 'DEV-VERSION'
 
@@ -17,10 +17,12 @@ jobs:
         goarch: [amd64, arm64]
     env:
       OUTPUT_BINARY: ghproxy
-      GO_VERSION: 1.23.4
+      GO_VERSION: 1.23.5
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+        with:
+          ref: dev
       - name: 加载版本号
         run: |
           if [ -f DEV-VERSION ]; then
@@ -76,6 +78,8 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+        with:
+          ref: dev
       - name: Load VERSION
         run: |
           if [ -f DEV-VERSION ]; then
@@ -104,4 +108,4 @@ jobs:
           push: true
           tags: | 
             ${{ env.IMAGE_NAME }}:${{ env.VERSION }}
-            ${{ env.IMAGE_NAME }}:dev
+            ${{ env.IMAGE_NAME }}:dev

.github/workflows/build.yml

@@ -17,7 +17,7 @@ jobs:
         goarch: [amd64, arm64]
     env:
       OUTPUT_BINARY: ghproxy
-      GO_VERSION: 1.23.4
+      GO_VERSION: 1.23.5
 
     steps:
       - uses: actions/checkout@v3
@@ -101,44 +101,4 @@ jobs:
           push: true
           tags: | 
             ${{ env.IMAGE_NAME }}:${{ env.VERSION }}
-            ${{ env.IMAGE_NAME }}:latest
-
-  docker-nocache:
-    runs-on: ubuntu-latest 
-    needs: build  # 确保这个作业在 build 作业完成后运行
-    env:
-      IMAGE_NAME: wjqserver/ghproxy  # 定义镜像名称变量
-      DOCKERFILE: docker/dockerfile/nocache/Dockerfile  # 定义 Dockerfile 路径变量
-          
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Load VERSION
-        run: |
-          if [ -f VERSION ]; then
-            echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV
-          else
-            echo "VERSION file not found!" && exit 1
-          fi
-          
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-          
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-          
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-          
-      - name: 构建镜像
-        uses: docker/build-push-action@v6
-        with:
-          file: ./${{ env.DOCKERFILE }}
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: | 
-            ${{ env.IMAGE_NAME }}:${{ env.VERSION }}-nocache
-            ${{ env.IMAGE_NAME }}:nocache
+            ${{ env.IMAGE_NAME }}:latest

.gitignore

@@ -1,3 +1,4 @@
+demo
 demo.toml
 *.log
 *.bak

CHANGELOG.md

@@ -1,5 +1,145 @@
 # 更新日志
 
+2.0.6
+---
+- RELEASE: v2.0.6正式版发布;祝各位新春快乐!
+- CHANGE: 优化前端的连接转换逻辑
+- CHANGE: 优化代码内不必要的函数化, 1.4之后, 函数化疑似有点太多了
+- 优化`HTTP Client`参数
+- CHANGE: 为api路由组增加no-cache标头
+
+25w10b
+---
+- PRE-RELEASE: 此版本是v2.0.6的预发布版本,请勿在生产环境中使用;祝各位新春快乐!
+- CHANGE: 为api路由组增加no-cache标头
+
+25w10a
+---
+- PRE-RELEASE: 此版本是v2.0.6的预发布版本,请勿在生产环境中使用;祝各位新春快乐!
+- CHANGE: 改进前端的连接转换逻辑
+- CHANGE: 优化代码内不必要的函数化, 1.4之后, 函数化疑似有点太多了
+- 优化`HTTP Client`参数
+
+2.0.5
+---
+- RELEASE: v2.0.5正式版发布;
+- CHANGE: 优化响应体分块复制实现
+- ADD: 加入缓存池
+- CHANGE: 改进缓存实现
+- CHANGE: 部分杂项改进
+
+25w09b
+---
+- PRE-RELEASE: 此版本是v2.0.5的预发布版本,请勿在生产环境中使用;
+- REMOVE: 移除残留配置
+
+25w09a
+---
+- PRE-RELEASE: 此版本是v2.0.5的预发布版本,请勿在生产环境中使用;
+- CHANGE: 改进缓存实现
+- ADD: 加入缓存池
+
+2.0.4
+---
+- RELEASE: v2.0.4正式版发布;
+- CHANGE: 优化GitReq的`HTTP Client`参数, 使其更符合本项目使用场景
+- CHANGE: 优化Matches
+- REMOVE: 移除Caddyfile残留
+- REMOVE: 由于v2改进后稳定性增强, 故移除健康检测
+
+25w08b
+---
+- PRE-RELEASE: 此版本是v2.0.4的预发布版本,请勿在生产环境中使用;
+- REMOVE: 由于v2改进后稳定性增强, 故移除健康检测
+
+25w08a
+---
+- PRE-RELEASE: 此版本是v2.0.4的预发布版本,请勿在生产环境中使用;
+- CHANGE: 优化GitReq的`HTTP Client`参数, 使其更符合本项目使用场景
+- CHANGE: 优化Matches
+- REMOVE: 移除Caddyfile残留
+
+2.0.3
+---
+- RELEASE: v2.0.3正式版发布;
+- CHANGE: 优化`HTTP Client`参数, 使其更符合本项目使用场景
+
+25w07b
+---
+- PRE-RELEASE: 此版本是v2.0.3的预发布版本,请勿在生产环境中使用;
+- CHANGE: 改进`HTTP Client`参数
+
+25w07a
+---
+- PRE-RELEASE: 此版本是v2.0.3的预发布版本,请勿在生产环境中使用;
+- CHANGE: 为`HTTP Client`增加复用, 对性能有所优化
+- CHANGE: 优化`HTTP Client`参数, 使其更符合本项目使用场景
+
+2.0.2
+---
+- RELEASE: v2.0.2正式版发布; 此版本是v2.0.1改进
+- CHANGE: 由于用户使用了不符合`RFC 9113`规范的请求头, 导致`ghproxy`无法正常工作, 在此版本为用户的错误行为提供补丁; 
+
+25w06b
+---
+- PRE-RELEASE: 此版本是改进验证版本,普通用户请勿使用; 
+- CHANGE: 由于用户使用了不符合`RFC 9113`规范的请求头, 导致`ghproxy`无法正常工作, 在此版本为用户的错误行为提供补丁; 
+
+25w06a
+---
+- PRE-RELEASE: 此版本是改进验证版本,普通用户请勿使用; 
+- CHANGE: Remove `Conection: Upgrade` header, which is not currently supported by some web server configurations.
+
+v2.0.1
+---
+- RELEASE: v2.0.1正式版发布; 此版本是v2.0.0的小修复版本, 主要修复了Docker启动脚本存在的一些问题
+- FIX: 修复Docker启动脚本存在的一些问题
+
+25w05a
+---
+- PRE-RELEASE: 此版本是v2.0.1的候选版本,请勿在生产环境中使用;
+- FIX: 修复Docker启动脚本存在的一些问题
+
+2.0.0
+---
+- RELEASE: v2.0.0正式版发布; 此版本圆了几个月前画的饼, 在大文件下载的内存占用方面做出了巨大改进
+- CHANGE: 优化`proxy`核心模块, 使用Chuncked Buffer传输数据, 减少内存占用
+- REMOVE: caddy
+- REMOVE: nocache
+- CHANGE: 优化前端页面, 增加更多功能(来自1.8.1版本, 原本也是为v2所设计的)
+
+25w04c
+---
+- PRE-RELEASE: 此版本是v2的候选版本,请勿在生产环境中使用;
+- CHANGE: 大幅优化`proxy`核心模块, 使用Chuncked Buffer传输数据, 减少内存占用
+
+v1.8.3
+---
+- RELEASE: v1.8.3, 此版本作为v1.8.2的依赖更新版本(在v2发布前, v1仍会进行漏洞修复)
+- CHANGE: 更新Go版本至`1.23.5`以解决CVE漏洞
+
+25w04b
+---
+- PRE-RELEASE: 此版本是v2的候选版本(技术验证版),请勿在生产环境中使用; 我们可能会撤除v2更新计划(若技术验证版顺利通过, 则会发布v2正式版)
+- REMOVE: caddy
+
+25w04a
+---
+- PRE-RELEASE: 此版本是v2的候选版本(技术验证版),请勿在生产环境中使用; 我们可能会撤除v2更新计划(若技术验证版顺利通过, 则会发布v2正式版)
+- CHANGE: 大幅修改核心组件
+
+1.8.2
+---
+- RELEASE: v1.8.2正式版发布; 这或许会是v1的最后一个版本
+- FIX: 修复部分日志表述错误
+- CHANGE: 关闭`gin`框架的`fmt`日志打印, 在高并发场景下提升一定性能(go 打印终端日志性能较差，可能造成性能瓶颈)
+
+25w03a
+---
+- PRE-RELEASE: 此版本是v1.8.2的候选预发布版本,请勿在生产环境中使用
+- FIX: 修复部分日志表述错误
+- CHANGE: 关闭`gin`框架的`fmt`日志打印, 在高并发场景下提升一定性能(go 打印终端日志性能较差，可能造成性能瓶颈)
+
 1.8.1
 ---
 - RELEASE: v1.8.1正式版发布; 此版本发布较为仓促, 用于修复caddy2.9.0导致的问题

DEV-VERSION

@@ -1 +1 @@
-25w02a
+25w10b

README.md

@@ -1,6 +1,7 @@
 # GHProxy
 
 ![pull](https://img.shields.io/docker/pulls/wjqserver/ghproxy.svg)
+![Docker Image Size (tag)](https://img.shields.io/docker/image-size/wjqserver/ghproxy/latest)
 [![Go Report Card](https://goreportcard.com/badge/github.com/WJQSERVER-STUDIO/ghproxy)](https://goreportcard.com/report/github.com/WJQSERVER-STUDIO/ghproxy)
 
 使用Go实现的GHProxy,用于加速部分地区Github仓库的拉取,支持速率限制,用户鉴权,支持Docker部署
@@ -15,14 +16,12 @@
 
 ### 项目特点
 
-- 基于Go语言实现,使用[Gin框架](https://github.com/gin-gonic/gin)与[req库](https://github.com/imroc/req)]
+- 基于Go语言实现,使用[Gin框架](https://github.com/gin-gonic/gin)
 - 支持Git clone,raw,realeases等文件拉取
 - 支持Docker部署
 - 支持速率限制
 - 支持用户鉴权
 - 支持自定义黑名单/白名单
-- 符合[RFC 7234](https://httpwg.org/specs/rfc7234.html)的HTTP Cache
-- 使用Caddy作为Web Server
 - 基于[WJQSERVER-STUDIO/golang-temp](https://github.com/WJQSERVER-STUDIO/golang-temp)模板构建,具有标准化的日志记录与构建流程
 
 ### 项目开发过程
@@ -30,6 +29,7 @@
 **本项目是[WJQSERVER-STUDIO/ghproxy-go](https://github.com/WJQSERVER-STUDIO/ghproxy-go)的重构版本,实现了原项目原定功能的同时,进一步优化了性能**
 关于此项目的详细开发过程,请参看Commit记录与[CHANGELOG.md](https://github.com/WJQSERVER-STUDIO/ghproxy/blob/main/CHANGELOG.md)
 
+- V2.0.0 对`proxy`核心模块进行了重构,大幅优化内存占用
 - V1.0.0 迁移至本仓库,并再次重构内容实现
 - v0.2.0 重构项目实现
 
@@ -42,8 +42,10 @@
 ## 使用示例
 
 ```
+# 下载文件
 https://ghproxy.1888866.xyz/raw.githubusercontent.com/WJQSERVER-STUDIO/tools-stable/main/tools-stable-ghproxy.sh
 
+# 克隆仓库
 git clone https://ghproxy.1888866.xyz/github.com/WJQSERVER-STUDIO/ghproxy.git
 ```
 
@@ -54,7 +56,7 @@ git clone https://ghproxy.1888866.xyz/github.com/WJQSERVER-STUDIO/ghproxy.git
 - Docker-cli
 
 ```
-docker run -p 7210:80 -v ./ghproxy/log/run:/data/ghproxy/log -v ./ghproxy/log/caddy:/data/caddy/log -v ./ghproxy/config:/data/ghproxy/config  --restart always wjqserver/ghproxy
+docker run -p 7210:8080 -v ./ghproxy/log/run:/data/ghproxy/log -v ./ghproxy/log/caddy:/data/caddy/log -v ./ghproxy/config:/data/ghproxy/config  --restart always wjqserver/ghproxy
 ```
 
 - Docker-Compose (建议使用)
@@ -78,7 +80,7 @@ wget -O install.sh https://raw.githubusercontent.com/WJQSERVER-STUDIO/ghproxy/ma
 
 ```toml
 [server]
-host = "127.0.0.1"  # 监听地址
+host = "0.0.0.0"  # 监听地址
 port = 8080  # 监听端口
 sizeLimit = 125 # 125MB
 enableH2C = "on"  # 是否开启H2C传输(latest和dev版本请开启) on/off
@@ -109,7 +111,7 @@ whitelistFile = "/data/ghproxy/config/whitelist.json"  # 白名单文件路径
 
 [rateLimit]
 enabled = false  # 是否开启速率限制
-rateMrthod = "total" # "ip" or "total" 速率限制方式
+rateMethod = "total" # "ip" or "total" 速率限制方式
 ratePerMinute = 180  # 每分钟限制请求数量
 burst = 5  # 突发请求数量
 ```
@@ -148,10 +150,6 @@ burst = 5  # 突发请求数量
 example.com {
     reverse_proxy {
         to 127.0.0.1:7210
-        header_up X-Real-IP {remote_host}	    
-        header_up X-Real-IP {http.request.header.CF-Connecting-IP}
-        header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
-        header_up X-Forwarded-Proto {http.request.header.CF-Visitor}
     }
     encode zstd gzip    
 }
@@ -159,11 +157,5 @@ example.com {
 
 ### 前端页面
 
-![ghproxy-demo.png](https://webp.wjqserver.com/ghproxy/ghproxy-demo-v1.7.0-mobile-night.png)
-
-结语
----
-
-本项目基于Go语言实现,使用Gin框架与req库
-Docker镜像基于[WJQSERVER-STUDIO/caddy](https://github.com/WJQSERVER-STUDIO/caddy)
-本项目使用WSL LICENSE Version1.2 (WJQSERVER STUDIO LICENSE Version1.2) 授权协议,请遵守相关条例。
+![ghproxy-demo.png](https://webp.wjqserver.com/ghproxy/1.8.1-light.png)
+![ghproxy-demo-dark.png](https://webp.wjqserver.com/ghproxy/1.8.1-dark.png)

VERSION

@@ -1 +1 @@
-1.8.1
+2.0.6

api/api.go

@@ -20,8 +20,18 @@ var (
 	logError   = logger.LogError
 )
 
+func NoCacheMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 设置禁止缓存的响应头
+		c.Header("Cache-Control", "no-store, no-cache, must-revalidate")
+		c.Header("Pragma", "no-cache")
+		c.Header("Expires", "0")
+		c.Next() // 继续处理请求
+	}
+}
+
 func InitHandleRouter(cfg *config.Config, router *gin.Engine, version string) {
-	apiRouter := router.Group("api")
+	apiRouter := router.Group("api", NoCacheMiddleware())
 	{
 		apiRouter.GET("/size_limit", func(c *gin.Context) {
 			SizeLimitHandler(cfg, c)

caddyfile/dev/Caddyfile

@@ -1,102 +0,0 @@
-{
-    debug
-    http_port 80
-    https_port 443
-    order cache before rewrite
-    cache {
-        cache_name GHProxyCache
-    }
-    log {
-        level INFO
-        output file /data/caddy/log/caddy.log {
-            roll_size 5MB
-            roll_keep 10
-        }            
-    }
-    servers :80 {
-        protocols h1 h2c
-    }
-}
-
-(log) {
-    log {
-        format transform `{request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
-            time_format "02/Jan/2006:15:04:05 -0700"
-        }
-	    output file /data/caddy/log/{args[0]}/access.log {
-	        roll_size 5MB
-	        roll_keep 10
-	        roll_keep_for 24h
-	    }
-    }
-}
-
-(error_page) {
-    handle_errors {
-	    rewrite * /{err.status_code}.html
-	    root * /data/caddy/pages/errors
-        file_server
-    }
-}
-
-(encode) {
-    encode {
-        zstd best
-        br 5 v2
-        gzip 5
-        minimum_length 512
-    }
-}
-
-(cache) {
-    cache {
-         allowed_http_verbs GET
-         stale {args[0]}
-         ttl {args[1]}
-    }    
-}
-
-(header_realip) {
-    header_up X-Real-IP {remote_host}	    
-	header_up X-Real-IP {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-Proto {http.request.header.CF-Visitor}
-}
-
-(rate_limit) {
-    route /* {
-        rate_limit {remote.ip} {args[0]}r/m 10000 429
-    }    
-}
-
-:80 {
-    reverse_proxy {
-        to 127.0.0.1:8080
-        import header_realip
-        transport http {
-            versions 1.1 h2c
-        }
-    }
-    import log ghproxy
-    import cache 0s 300s
-    import error_page  
-    import encode
-    import rate_limit 60 
-    route / {
-        root /data/www
-        file_server
-        import cache 0s 24h
-    }
-    route /favicon.ico {
-        root /data/www
-        file_server
-        import cache 0s 24h
-    }
-
-    route /api* {
-        rate_limit {remote.ip} 15r/m 10000 429
-        import cache 0s 6h
-    }   
-}
-
-import /data/caddy/config.d/*

caddyfile/nocache/Caddyfile

@@ -1,99 +0,0 @@
-{
-    debug
-    http_port 80
-    https_port 443
-    order cache before rewrite
-    cache {
-        cache_name GHProxyCache
-    }
-    log {
-        level INFO
-        output file /data/caddy/log/caddy.log {
-            roll_size 5MB
-            roll_keep 10
-        }            
-    }
-    servers :80 {
-        protocols h1 h2c
-    }
-}
-
-
-(log) {
-    log {
-        format transform `{request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
-            time_format "02/Jan/2006:15:04:05 -0700"
-        }
-	    output file /data/caddy/log/{args[0]}/access.log {
-	        roll_size 5MB
-	        roll_keep 10
-	        roll_keep_for 24h
-	    }
-    }
-}
-
-(error_page) {
-    handle_errors {
-	    rewrite * /{err.status_code}.html
-	    root * /data/caddy/pages/errors
-        file_server
-    }
-}
-
-(encode) {
-    encode {
-        zstd best
-        br 5 v2
-        gzip 5
-        minimum_length 256
-    }
-}
-
-(cache) {
-    cache {
-         allowed_http_verbs GET
-         stale {args[0]}
-         ttl {args[1]}
-    }    
-}
-
-(header_realip) {
-    header_up X-Real-IP {remote_host}	    
-	header_up X-Real-IP {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-Proto {http.request.header.CF-Visitor}
-}
-
-(rate_limit) {
-    route /* {
-        rate_limit {remote.ip} {args[0]}r/m 10000 429
-    }    
-}
-
-:80 {
-    reverse_proxy {
-        to h2c://127.0.0.1:8080
-        import header_realip
-    }
-    import log ghproxy
-    import error_page  
-    import encode
-    import rate_limit 60  
-    route / {
-        root /data/www
-        file_server
-		import cache 300s
-    }
-    route /favicon.ico {
-        root /data/www
-        file_server
-		import cache 300s
-    }
-    
-    route /api* {
-        rate_limit {remote.ip} 15r/m 10000 429
-		import cache 300s
-    }
-}
-
-import /data/caddy/config.d/*

caddyfile/release/Caddyfile

@@ -1,103 +0,0 @@
-{
-    debug
-    http_port 80
-    https_port 443
-    order cache before rewrite
-    cache {
-        cache_name GHProxyCache
-    }
-    log {
-        level INFO
-        output file /data/caddy/log/caddy.log {
-            roll_size 5MB
-            roll_keep 10
-        }
-    }
-    servers :80 {
-        protocols h1 h2c
-    }    
-}
-
-(log) {
-    log {
-        format transform `{request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
-            time_format "02/Jan/2006:15:04:05 -0700"
-        }
-	    output file /data/caddy/log/{args[0]}/access.log {
-	        roll_size 5MB
-	        roll_keep 10
-	        roll_keep_for 24h
-	    }
-    }
-}
-
-(error_page) {
-    handle_errors {
-	    rewrite * /{err.status_code}.html
-	    root * /data/caddy/pages/errors
-        file_server
-    }
-}
-
-(encode) {
-    encode {
-        zstd best
-        br 5 v2
-        gzip 5
-        minimum_length 512
-    }
-}
-
-(cache) {
-    cache {
-         allowed_http_verbs GET
-         stale {args[0]}
-         ttl {args[1]}
-    }    
-}
-
-(header_realip) {
-    header_up X-Real-IP {remote_host}	    
-	header_up X-Real-IP {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
-	header_up X-Forwarded-Proto {http.request.header.CF-Visitor}
-}
-
-(rate_limit) {
-    route /* {
-        rate_limit {remote.ip} {args[0]}r/m 10000 429
-    }    
-}
-
-:80 {
-    reverse_proxy {
-        to 127.0.0.1:8080
-        import header_realip
-        transport http {
-            versions 1.1 h2c
-        }
-    }
-    import log ghproxy
-    import cache 0s 300s
-    import error_page  
-    import encode
-    import rate_limit 60  
-    route / {
-        root /data/www
-        file_server
-        import cache 0s 24h
-    }
-    route /favicon.ico {
-        root /data/www
-        file_server
-        import cache 0s 24h
-    
-    }
-    
-    route /api* {
-        rate_limit {remote.ip} 15r/m 10000 429
-        import cache 0s 6h
-    }
-}
-
-import /data/caddy/config.d/*

config/config.toml

@@ -1,5 +1,5 @@
 [server]
-host = "127.0.0.1" 
+host = "0.0.0.0" 
 port = 8080 
 sizeLimit = 125 # MB
 enableH2C = "on" # "on" or "off"

docker/compose/docker-compose.yml

@@ -3,15 +3,9 @@ services:
     ghproxy:
         image: 'wjqserver/ghproxy:latest'
         restart: always
-        healthcheck:
-          test: ["CMD", "curl", "-f", "http://127.0.0.1:80/api/healthcheck"]
-          interval: 60s  
-          timeout: 10s  
-          retries: 3  
-          start_period: 30s  
         volumes:
             - './ghproxy/log/run:/data/ghproxy/log'
             - './ghproxy/log/caddy:/data/caddy/log'
             - './ghproxy/config:/data/ghproxy/config'
         ports:
-            - '7210:80'
+            - '7210:8080'

docker/dockerfile/dev/Dockerfile

@@ -1,4 +1,4 @@
-FROM wjqserver/caddy:2.9.1-alpine AS builder
+FROM alpine:latest AS builder
 
 ARG USER=WJQSERVER-STUDIO
 ARG REPO=ghproxy
@@ -16,32 +16,31 @@ RUN mkdir -p /data/${APPLICATION}/log
 RUN apk add --no-cache curl wget tar
 
 # 前端
-RUN wget -O /data/www/index.html https://raw.githubusercontent.com/${USER}/${REPO}/main/pages/index.html
-RUN wget -O /data/www/favicon.ico https://raw.githubusercontent.com/${USER}/${REPO}/main/pages/favicon.ico
+RUN wget -O /data/www/index.html https://raw.githubusercontent.com/${USER}/${REPO}/dev/pages/index.html
+RUN wget -O /data/www/favicon.ico https://raw.githubusercontent.com/${USER}/${REPO}/dev/pages/favicon.ico
 
 # 后端
-RUN VERSION=$(curl -s https://raw.githubusercontent.com/${USER}/${REPO}/main/DEV-VERSION) && \
+RUN VERSION=$(curl -s https://raw.githubusercontent.com/${USER}/${REPO}/dev/DEV-VERSION) && \
     wget -O /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz https://github.com/${USER}/${REPO}/releases/download/$VERSION/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz && \
     tar -zxvf /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz -C /data/${APPLICATION} && \
     rm -rf /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz
-RUN wget -O /usr/local/bin/init.sh https://raw.githubusercontent.com/${USER}/${REPO}/main/docker/dockerfile/dev/init.sh
+RUN wget -O /usr/local/bin/init.sh https://raw.githubusercontent.com/${USER}/${REPO}/dev/docker/dockerfile/dev/init.sh
 
 # 拉取配置
-RUN wget -O /data/caddy/Caddyfile https://raw.githubusercontent.com/${USER}/${REPO}/main/caddyfile/dev/Caddyfile
-RUN wget -O /data/${APPLICATION}/config.toml https://raw.githubusercontent.com/${USER}/${REPO}/main/config/config.toml
-RUN wget -O /data/${APPLICATION}/blacklist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/blacklist.json
-RUN wget -O /data/${APPLICATION}/whitelist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/whitelist.json
+#RUN wget -O /data/caddy/Caddyfile https://raw.githubusercontent.com/${USER}/${REPO}/dev/caddyfile/dev/Caddyfile
+RUN wget -O /data/${APPLICATION}/config.toml https://raw.githubusercontent.com/${USER}/${REPO}/dev/config/config.toml
+RUN wget -O /data/${APPLICATION}/blacklist.json https://raw.githubusercontent.com/${USER}/${REPO}/dev/config/blacklist.json
+RUN wget -O /data/${APPLICATION}/whitelist.json https://raw.githubusercontent.com/${USER}/${REPO}/dev/config/whitelist.json
 
 # 权限
 RUN chmod +x /data/${APPLICATION}/${APPLICATION}
 RUN chmod +x /usr/local/bin/init.sh
 
-FROM wjqserver/caddy:2.9.1-alpine
+FROM alpine:latest
 
 RUN apk add --no-cache curl
 
 COPY --from=builder /data/www /data/www
-COPY --from=builder /data/caddy /data/caddy
 COPY --from=builder /data/${APPLICATION} /data/${APPLICATION}
 COPY --from=builder /usr/local/bin/init.sh /usr/local/bin/init.sh
 
@@ -49,5 +48,4 @@ COPY --from=builder /usr/local/bin/init.sh /usr/local/bin/init.sh
 RUN chmod +x /data/${APPLICATION}/${APPLICATION}
 RUN chmod +x /usr/local/bin/init.sh
 
-CMD ["/usr/local/bin/init.sh"]
-
+CMD ["/usr/local/bin/init.sh"]

docker/dockerfile/dev/init.sh

@@ -2,10 +2,6 @@
 
 APPLICATION=ghproxy
 
-if [ ! -f /data/caddy/config/Caddyfile ]; then
-    cp /data/caddy/Caddyfile /data/caddy/config/Caddyfile
-fi
-
 if [ ! -f /data/${APPLICATION}/config/blacklist.json ]; then
     cp /data/${APPLICATION}/blacklist.json /data/${APPLICATION}/config/blacklist.json
 fi
@@ -18,14 +14,4 @@ if [ ! -f /data/${APPLICATION}/config/config.toml ]; then
     cp /data/${APPLICATION}/config.toml /data/${APPLICATION}/config/config.toml
 fi
 
-/data/caddy/caddy run --config /data/caddy/config/Caddyfile > /data/${APPLICATION}/log/caddy.log 2>&1 &
-
-/data/${APPLICATION}/${APPLICATION} -cfg /data/${APPLICATION}/config/config.toml > /data/${APPLICATION}/log/run.log 2>&1 &
-
-sleep 30
-
-while [[ true ]]; do
-    # Failure Circuit Breaker
-    curl -f --max-time 5 -retry 3 http://127.0.0.1:8080/api/healthcheck || exit 1
-    sleep 120
-done    
+/data/${APPLICATION}/${APPLICATION} -cfg /data/${APPLICATION}/config/config.toml > /data/${APPLICATION}/log/run.log 2>&1 

docker/dockerfile/nocache/Dockerfile

@@ -1,52 +0,0 @@
-FROM alpine:latest AS builder
-
-ARG USER=WJQSERVER-STUDIO
-ARG REPO=ghproxy
-ARG APPLICATION=ghproxy
-ARG TARGETOS
-ARG TARGETARCH
-ARG TARGETPLATFORM
-
-# 创建文件夹
-RUN mkdir -p /data/www
-RUN mkdir -p /data/${APPLICATION}/config 
-RUN mkdir -p /data/${APPLICATION}/log 
-
-# 安装依赖
-RUN apk add --no-cache curl wget tar
-
-# 前端
-RUN wget -O /data/www/index.html https://raw.githubusercontent.com/${USER}/${REPO}/main/pages/index.html
-RUN wget -O /data/www/favicon.ico https://raw.githubusercontent.com/${USER}/${REPO}/main/pages/favicon.ico
-
-# 后端
-RUN VERSION=$(curl -s https://raw.githubusercontent.com/${USER}/${REPO}/main/VERSION) && \
-    wget -O /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz https://github.com/${USER}/${REPO}/releases/download/$VERSION/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz && \
-    tar -zxvf /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz -C /data/${APPLICATION} && \
-    rm -rf /data/${APPLICATION}/${APPLICATION}-${TARGETOS}-${TARGETARCH}.tar.gz
-RUN wget -O /usr/local/bin/init.sh https://raw.githubusercontent.com/${USER}/${REPO}/main/docker/dockerfile/nocache/init.sh
-
-# 拉取配置
-#RUN wget -O /data/caddy/Caddyfile https://raw.githubusercontent.com/${USER}/${REPO}/main/caddyfile/nocache/Caddyfile
-RUN wget -O /data/${APPLICATION}/config.toml https://raw.githubusercontent.com/${USER}/${REPO}/main/docker/dockerfile/nocache/config.toml
-RUN wget -O /data/${APPLICATION}/blacklist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/blacklist.json
-RUN wget -O /data/${APPLICATION}/whitelist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/whitelist.json
-
-# 权限
-RUN chmod +x /data/${APPLICATION}/${APPLICATION}
-RUN chmod +x /usr/local/bin/init.sh
-
-FROM alpine:latest
-
-RUN apk add --no-cache curl
-
-COPY --from=builder /data/www /data/www
-COPY --from=builder /data/${APPLICATION} /data/${APPLICATION}
-COPY --from=builder /usr/local/bin/init.sh /usr/local/bin/init.sh
-
-# 权限
-RUN chmod +x /data/${APPLICATION}/${APPLICATION}
-RUN chmod +x /usr/local/bin/init.sh
-
-CMD ["/usr/local/bin/init.sh"]
-

docker/dockerfile/nocache/config.toml

@@ -1,37 +0,0 @@
-[server]
-host = "0.0.0.0" 
-port = 80 #修改此配置会导致容器异常
-sizeLimit = 125 # MB
-enableH2C = "off" # on / off
-debug = false
-
-[pages]
-enabled = false
-staticDir = "/data/www" 
-
-[log]
-logFilePath = "/data/ghproxy/log/ghproxy.log" 
-maxLogSize = 5 # MB
-
-[cors]
-enabled = true
-
-[auth]
-authMethod = "parameters" # "header" or "parameters"
-authToken = "token"
-enabled = false
-passThrough = false
-
-[blacklist]
-blacklistFile = "/data/ghproxy/config/blacklist.json"
-enabled = false
-
-[whitelist]
-enabled = false
-whitelistFile = "/data/ghproxy/config/whitelist.json"
-
-[rateLimit]
-enabled = false
-rateMethod = "total" # "ip" or "total"
-ratePerMinute = 180
-burst = 5

docker/dockerfile/nocache/init.sh

@@ -1,25 +0,0 @@
-#!/bin/sh
-
-APPLICATION=ghproxy
-
-if [ ! -f /data/${APPLICATION}/config/blacklist.json ]; then
-    cp /data/${APPLICATION}/blacklist.json /data/${APPLICATION}/config/blacklist.json
-fi
-
-if [ ! -f /data/${APPLICATION}/config/whitelist.json ]; then
-    cp /data/${APPLICATION}/whitelist.json /data/${APPLICATION}/config/whitelist.json
-fi
-
-if [ ! -f /data/${APPLICATION}/config/config.toml ]; then
-    cp /data/${APPLICATION}/config.toml /data/${APPLICATION}/config/config.toml
-fi
-
-/data/${APPLICATION}/${APPLICATION} -cfg /data/${APPLICATION}/config/config.toml > /data/${APPLICATION}/log/run.log 2>&1 &
-
-sleep 30
-
-while [[ true ]]; do
-    # Failure Circuit Breaker
-    curl -f --max-time 5 -retry 3 http://127.0.0.1:80/api/healthcheck || exit 1
-    sleep 120
-done

docker/dockerfile/release/Dockerfile

@@ -1,4 +1,4 @@
-FROM wjqserver/caddy:2.9.1-alpine AS builder
+FROM alpine:latest AS builder
 
 ARG USER=WJQSERVER-STUDIO
 ARG REPO=ghproxy
@@ -27,7 +27,7 @@ RUN VERSION=$(curl -s https://raw.githubusercontent.com/${USER}/${REPO}/main/VER
 RUN wget -O /usr/local/bin/init.sh https://raw.githubusercontent.com/${USER}/${REPO}/main/docker/dockerfile/release/init.sh
 
 # 拉取配置
-RUN wget -O /data/caddy/Caddyfile https://raw.githubusercontent.com/${USER}/${REPO}/main/caddyfile/release/Caddyfile
+#RUN wget -O /data/caddy/Caddyfile https://raw.githubusercontent.com/${USER}/${REPO}/main/caddyfile/release/Caddyfile
 RUN wget -O /data/${APPLICATION}/config.toml https://raw.githubusercontent.com/${USER}/${REPO}/main/config/config.toml
 RUN wget -O /data/${APPLICATION}/blacklist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/blacklist.json
 RUN wget -O /data/${APPLICATION}/whitelist.json https://raw.githubusercontent.com/${USER}/${REPO}/main/config/whitelist.json
@@ -36,12 +36,12 @@ RUN wget -O /data/${APPLICATION}/whitelist.json https://raw.githubusercontent.co
 RUN chmod +x /data/${APPLICATION}/${APPLICATION}
 RUN chmod +x /usr/local/bin/init.sh
 
-FROM wjqserver/caddy:2.9.1-alpine
+FROM alpine:latest
 
 RUN apk add --no-cache curl
 
 COPY --from=builder /data/www /data/www
-COPY --from=builder /data/caddy /data/caddy
+#COPY --from=builder /data/caddy /data/caddy
 COPY --from=builder /data/${APPLICATION} /data/${APPLICATION}
 COPY --from=builder /usr/local/bin/init.sh /usr/local/bin/init.sh
 

docker/dockerfile/release/init.sh

@@ -2,10 +2,6 @@
 
 APPLICATION=ghproxy
 
-if [ ! -f /data/caddy/config/Caddyfile ]; then
-    cp /data/caddy/Caddyfile /data/caddy/config/Caddyfile
-fi
-
 if [ ! -f /data/${APPLICATION}/config/blacklist.json ]; then
     cp /data/${APPLICATION}/blacklist.json /data/${APPLICATION}/config/blacklist.json
 fi
@@ -18,14 +14,4 @@ if [ ! -f /data/${APPLICATION}/config/config.toml ]; then
     cp /data/${APPLICATION}/config.toml /data/${APPLICATION}/config/config.toml
 fi
 
-/data/caddy/caddy run --config /data/caddy/config/Caddyfile > /data/${APPLICATION}/log/caddy.log 2>&1 &
-
-/data/${APPLICATION}/${APPLICATION} -cfg /data/${APPLICATION}/config/config.toml > /data/${APPLICATION}/log/run.log 2>&1 &
-
-sleep 30
-
-while [[ true ]]; do
-    # Failure Circuit Breaker
-    curl -f --max-time 5 -retry 3 http://127.0.0.1:8080/api/healthcheck || exit 1
-    sleep 120
-done
+/data/${APPLICATION}/${APPLICATION} -cfg /data/${APPLICATION}/config/config.toml > /data/${APPLICATION}/log/run.log 2>&1 

go.mod

@@ -1,55 +1,39 @@
 module ghproxy
 
-go 1.23.4
+go 1.23.5
 
 require (
 	github.com/BurntSushi/toml v1.4.0
-	github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.0
+	github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.1
 	github.com/gin-gonic/gin v1.10.0
-	github.com/imroc/req/v3 v3.49.1
 	golang.org/x/time v0.9.0
 )
 
 require (
-	github.com/andybalholm/brotli v1.1.1 // indirect
-	github.com/bytedance/sonic v1.12.7 // indirect
-	github.com/bytedance/sonic/loader v0.2.2 // indirect
-	github.com/cloudflare/circl v1.5.0 // indirect
-	github.com/cloudwego/base64x v0.1.4 // indirect
+	github.com/bytedance/sonic v1.12.8 // indirect
+	github.com/bytedance/sonic/loader v0.2.3 // indirect
+	github.com/cloudwego/base64x v0.1.5 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
 	github.com/gin-contrib/sse v1.0.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.23.0 // indirect
-	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
+	github.com/go-playground/validator/v10 v10.24.0 // indirect
 	github.com/goccy/go-json v0.10.4 // indirect
-	github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
-	github.com/hashicorp/errwrap v1.1.0 // indirect
-	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.17.11 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.9 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/onsi/ginkgo/v2 v2.22.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
-	github.com/quic-go/qpack v0.5.1 // indirect
-	github.com/quic-go/quic-go v0.48.2 // indirect
-	github.com/refraction-networking/utls v1.6.7 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect
-	go.uber.org/mock v0.5.0 // indirect
 	golang.org/x/arch v0.13.0 // indirect
 	golang.org/x/crypto v0.32.0 // indirect
-	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 // indirect
-	golang.org/x/mod v0.22.0 // indirect
 	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.29.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/tools v0.29.0 // indirect
-	google.golang.org/protobuf v1.36.2 // indirect
+	google.golang.org/protobuf v1.36.4 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,20 +1,16 @@
 github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
-github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.0 h1:OUrAOWb8xK0kxpWextJYUasmol+5KKqG2az52X2ae64=
-github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.0/go.mod h1:sAqHVYSucoUnycyHMAZc1fMH5dS2bQwgwo8NUiAIcyk=
-github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
-github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA=
-github.com/bytedance/sonic v1.12.6 h1:/isNmCUF2x3Sh8RAp/4mh4ZGkcFAX/hLrzrK3AvpRzk=
-github.com/bytedance/sonic v1.12.6/go.mod h1:B8Gt/XvtZ3Fqj+iSKMypzymZxw/FVwgIGKzMzT9r/rk=
+github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.1 h1:YS3q54SroxQpEM7c12ZKjLNAaSq++bNpxTujs9cTZ9c=
+github.com/WJQSERVER-STUDIO/go-utils/logger v1.1.1/go.mod h1:oW884JCCPDU6c906LI0uKXndWLiRvjb9LkGYC2cqRO8=
 github.com/bytedance/sonic v1.12.7 h1:CQU8pxOy9HToxhndH0Kx/S1qU/CuS9GnKYrGioDcU1Q=
 github.com/bytedance/sonic v1.12.7/go.mod h1:tnbal4mxOMju17EGfknm2XyYcpyCnIROYOEYuemj13I=
+github.com/bytedance/sonic v1.12.8 h1:4xYRVRlXIgvSZ4e8iVTlMF5szgpXd4AfvuWgA8I8lgs=
+github.com/bytedance/sonic v1.12.8/go.mod h1:uVvFidNmlt9+wa31S1urfwwthTWteBgG0hWuoKAXTx8=
 github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
-github.com/bytedance/sonic/loader v0.2.2 h1:jxAJuN9fOot/cyz5Q6dUuMJF5OqQ6+5GfA8FjjQ0R4o=
-github.com/bytedance/sonic/loader v0.2.2/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI=
-github.com/cloudflare/circl v1.5.0 h1:hxIWksrX6XN5a1L2TI/h53AGPhNHoUBo+TD1ms9+pys=
-github.com/cloudflare/circl v1.5.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
-github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
-github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
+github.com/bytedance/sonic/loader v0.2.3 h1:yctD0Q3v2NOGfSWPLPvG2ggA2kV6TS6s4wioyEqssH0=
+github.com/bytedance/sonic/loader v0.2.3/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI=
+github.com/cloudwego/base64x v0.1.5 h1:XPciSp1xaq2VCSt6lF0phncD4koWyULpl5bUxbfCyP4=
+github.com/cloudwego/base64x v0.1.5/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@@ -25,37 +21,21 @@ github.com/gin-contrib/sse v1.0.0 h1:y3bT1mUWUxDpW4JLQg/HnTqV4rozuW4tC9eFKTxYI9E
 github.com/gin-contrib/sse v1.0.0/go.mod h1:zNuFdwarAygJBht0NTKiSi3jRf6RbqeILZ9Sp6Slhe0=
 github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
 github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.23.0 h1:/PwmTwZhS0dPkav3cdK9kV1FsAmrL8sThn8IHr/sO+o=
-github.com/go-playground/validator/v10 v10.23.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
-github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
-github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
-github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
+github.com/go-playground/validator/v10 v10.24.0 h1:KHQckvo8G6hlWnrPX4NJJ+aBfWNAE/HH+qdL2cBpCmg=
+github.com/go-playground/validator/v10 v10.24.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus=
 github.com/goccy/go-json v0.10.4 h1:JSwxQzIqKfmFX1swYPpUThQZp/Ka4wzJdK0LWVytLPM=
 github.com/goccy/go-json v0.10.4/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg=
-github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
-github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
-github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
-github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
-github.com/imroc/req/v3 v3.49.1 h1:Nvwo02riiPEzh74ozFHeEJrtjakFxnoWNR3YZYuQm9U=
-github.com/imroc/req/v3 v3.49.1/go.mod h1:tsOk8K7zI6cU4xu/VWCZVtq9Djw9IWm4MslKzme5woU=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
-github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY=
 github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8=
@@ -69,20 +49,10 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/onsi/ginkgo/v2 v2.22.2 h1:/3X8Panh8/WwhU/3Ssa6rCKqPLuAkVY2I0RoyDLySlU=
-github.com/onsi/ginkgo/v2 v2.22.2/go.mod h1:oeMosUL+8LtarXBHu/c0bx2D/K9zyQ6uX3cTyztHwsk=
-github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8=
-github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY=
 github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
 github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
-github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
-github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
-github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
-github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM=
-github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -99,22 +69,12 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
 github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
-github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
-github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
-go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
-go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 golang.org/x/arch v0.13.0 h1:KCkqVVV1kGg0X87TFysjCJ8MxtZEIU4Ja/yXGeoECdA=
 golang.org/x/arch v0.13.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
 golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
-golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 h1:yqrTHse8TCMW1M1ZCP+VAR/l0kKxwaAIqN/il7x4voA=
-golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU=
-golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
-golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
 golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
 golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
-golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
-golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
 golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
@@ -122,10 +82,10 @@ golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY=
 golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
-golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
-google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
-google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU=
+google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM=
+google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

init.sh

@@ -2,10 +2,6 @@
 
 APPLICATON=ghproxy
 
-if [ ! -f /data/caddy/config/Caddyfile ]; then
-    cp /data/caddy/Caddyfile /data/caddy/config/Caddyfile
-fi
-
 if [ ! -f /data/${APPLICATON}/config/blacklist.json ]; then
     cp /data/${APPLICATON}/blacklist.json /data/${APPLICATON}/config/blacklist.json
 fi
@@ -18,14 +14,5 @@ if [ ! -f /data/${APPLICATON}/config/config.yaml ]; then
     cp /data/${APPLICATON}/config.yaml /data/${APPLICATON}/config/config.yaml
 fi
 
-/data/caddy/caddy run --config /data/caddy/config/Caddyfile > /data/${APPLICATON}/log/caddy.log 2>&1 &
-
-/data/${APPLICATON}/${APPLICATON} > /data/${APPLICATON}/log/run.log 2>&1 &
-
-sleep 30
-
-while [[ true ]]; do
-    curl -f http://localhost:8080/api/healthcheck || exit 1
-    sleep 120
-done    
+/data/${APPLICATON}/${APPLICATON} > /data/${APPLICATON}/log/run.log 2>&1 
 

main.go

@@ -4,6 +4,7 @@ import (
 	"embed"
 	"flag"
 	"fmt"
+	"io"
 	"io/fs"
 	"log"
 	"net/http"
@@ -90,11 +91,16 @@ func setupRateLimit(cfg *config.Config) {
 	}
 }
 
+func InitReq() {
+	proxy.InitReq()
+}
+
 func init() {
 	readFlag()
 	flag.Parse()
 	loadConfig()
 	setupLogger(cfg)
+	InitReq()
 	loadlist(cfg)
 	setupRateLimit(cfg)
 
@@ -110,7 +116,9 @@ func init() {
 		runMode = "release"
 	}
 
-	router = gin.Default()
+	gin.LoggerWithWriter(io.Discard)
+	router = gin.New()
+	router.Use(gin.Recovery())
 	//H2C默认值为true，而后遵循cfg.Server.EnableH2C的设置
 	if cfg.Server.EnableH2C == "on" {
 		router.UseH2C = true
@@ -142,6 +150,8 @@ func init() {
 	router.NoRoute(func(c *gin.Context) {
 		proxy.NoRouteHandler(cfg, limiter, iplimiter, runMode)(c)
 	})
+
+	fmt.Printf("GHProxy Version: %s\n", version)
 }
 
 func main() {

pages/index.html

@@ -8,7 +8,6 @@
     <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
     <link rel="preconnect" href="https://fonts.googleapis.com">
     <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-    <link href="https://fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@100..900&display=swap" rel="stylesheet">
     <style>
         /* 通用样式 */
         :root {
@@ -40,7 +39,7 @@
         body {
             background-color: var(--background-color);
             color: var(--text-color);
-            font-family: "Noto Sans SC", sans-serif;
+            font-family: sans-serif;
             line-height: 1.8;
             font-size: 15px;
             margin: 0;
@@ -370,17 +369,17 @@
             let formattedLink = "";
 
             if (githubLink.startsWith("https://github.com/") || githubLink.startsWith("http://github.com/")) {
-                formattedLink = "https://" + currentHost + "/github.com" + githubLink.substring(githubLink.indexOf("/", 8));
+                formattedLink = window.location.protocol + "//" + currentHost + "/github.com" + githubLink.substring(githubLink.indexOf("/", 8));
             } else if (githubLink.startsWith("github.com/")) {
-                formattedLink = "https://" + currentHost + "/" + githubLink;
+                formattedLink = window.location.protocol + "//" + currentHost + "/" + githubLink;
             } else if (githubLink.startsWith("https://raw.githubusercontent.com/") || githubLink.startsWith("http://raw.githubusercontent.com/")) {
-                formattedLink = "https://" + currentHost + githubLink.substring(githubLink.indexOf("/", 7));
+                formattedLink = window.location.protocol + "//" + currentHost + githubLink.substring(githubLink.indexOf("/", 7));
             } else if (githubLink.startsWith("raw.githubusercontent.com/")) {
-                formattedLink = "https://" + currentHost + "/" + githubLink;
+                formattedLink = window.location.protocol + "//" + currentHost + "/" + githubLink;
             } else if (githubLink.startsWith("https://gist.githubusercontent.com/") || githubLink.startsWith("http://gist.githubusercontent.com/")) {
-                formattedLink = "https://" + currentHost + "/gist.github.com" + githubLink.substring(githubLink.indexOf("/", 18));
+                formattedLink = window.location.protocol + "//" + currentHost + "/gist.github.com" + githubLink.substring(githubLink.indexOf("/", 18));
             } else if (githubLink.startsWith("gist.githubusercontent.com/")) {
-                formattedLink = "https://" + currentHost + "/" + githubLink;
+                formattedLink = window.location.protocol + "//" + currentHost + "/" + githubLink;
             } else {
                 showToast('请输入有效的GitHub链接');
                 return null;
@@ -438,4 +437,4 @@
     </script>
 </body>
 
-</html>
+</html>

proxy/authpass.go

@@ -0,0 +1,36 @@
+package proxy
+
+import (
+	"ghproxy/config"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+func AuthPassThrough(c *gin.Context, cfg *config.Config, req *http.Request) {
+	if cfg.Auth.PassThrough {
+		token := c.Query("token")
+		if token != "" {
+			switch cfg.Auth.AuthMethod {
+			case "parameters":
+				if !cfg.Auth.Enabled {
+					req.Header.Set("Authorization", "token "+token)
+				} else {
+					logWarning("%s %s %s %s %s Auth-Error: Conflict Auth Method", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
+					// 500 Internal Server Error
+					c.JSON(http.StatusInternalServerError, gin.H{"error": "Conflict Auth Method"})
+					return
+				}
+			case "header":
+				if cfg.Auth.Enabled {
+					req.Header.Set("Authorization", "token "+token)
+				}
+			default:
+				logWarning("%s %s %s %s %s Invalid Auth Method / Auth Method is not be set", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
+				// 500 Internal Server Error
+				c.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid Auth Method / Auth Method is not be set"})
+				return
+			}
+		}
+	}
+}

proxy/chunkreq.go

@@ -0,0 +1,179 @@
+package proxy
+
+import (
+	"bytes"
+	"fmt"
+	"ghproxy/config"
+	"io"
+	"net"
+	"net/http"
+	"strconv"
+	"sync"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+var BufferSize int = 32 * 1024 // 32KB
+
+var (
+	cclient    *http.Client
+	ctr        *http.Transport
+	BufferPool *sync.Pool
+)
+
+func InitReq() {
+	initChunkedHTTPClient()
+	initGitHTTPClient()
+
+	// 初始化固定大小的缓存池
+	BufferPool = &sync.Pool{
+		New: func() interface{} {
+			return make([]byte, BufferSize)
+		},
+	}
+}
+
+func initChunkedHTTPClient() {
+	ctr = &http.Transport{
+		MaxIdleConns:          100,
+		MaxConnsPerHost:       60,
+		IdleConnTimeout:       20 * time.Second,
+		TLSHandshakeTimeout:   10 * time.Second,
+		ExpectContinueTimeout: 1 * time.Second,
+		ResponseHeaderTimeout: 10 * time.Second,
+		DialContext: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+		}).DialContext,
+	}
+	cclient = &http.Client{
+		Transport: ctr,
+	}
+}
+
+func ChunkedProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string, runMode string) {
+	method := c.Request.Method
+	logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+
+	// 发送HEAD请求, 预获取Content-Length
+	headReq, err := http.NewRequest("HEAD", u, nil)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("创建HEAD请求失败: %v", err))
+		return
+	}
+	setRequestHeaders(c, headReq)
+	removeWSHeader(headReq) // 删除Conection Upgrade头, 避免与HTTP/2冲突(检查是否存在Upgrade头)
+	AuthPassThrough(c, cfg, headReq)
+
+	headResp, err := cclient.Do(headReq)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
+		return
+	}
+	//defer headResp.Body.Close()
+	defer func(Body io.ReadCloser) {
+		if err := Body.Close(); err != nil {
+			logError("Failed to close response body: %v", err)
+		}
+	}(headResp.Body)
+
+	contentLength := headResp.Header.Get("Content-Length")
+	sizelimit := cfg.Server.SizeLimit * 1024 * 1024
+	if contentLength != "" {
+		size, err := strconv.Atoi(contentLength)
+		if err == nil && size > sizelimit {
+			finalURL := headResp.Request.URL.String()
+			c.Redirect(http.StatusMovedPermanently, finalURL)
+			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
+			return
+		}
+	}
+
+	/*
+		if err := HandleResponseSize(headResp, cfg, c); err != nil {
+			logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+			return
+		}
+	*/
+
+	body, err := readRequestBody(c)
+	if err != nil {
+		HandleError(c, err.Error())
+		return
+	}
+
+	bodyReader := bytes.NewBuffer(body)
+
+	// 创建请求
+	req, err := http.NewRequest(method, u, bodyReader)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("创建请求失败: %v", err))
+		return
+	}
+
+	setRequestHeaders(c, req)
+	removeWSHeader(req) // 删除Conection Upgrade头, 避免与HTTP/2冲突(检查是否存在Upgrade头)
+	AuthPassThrough(c, cfg, req)
+
+	resp, err := cclient.Do(req)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("发送请求失败: %v", err))
+		return
+	}
+	defer resp.Body.Close()
+
+	/*
+		if err := HandleResponseSize(resp, cfg, c); err != nil {
+			logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+			return
+		}
+	*/
+
+	contentLength = resp.Header.Get("Content-Length")
+	if contentLength != "" {
+		size, err := strconv.Atoi(contentLength)
+		if err == nil && size > sizelimit {
+			finalURL := resp.Request.URL.String()
+			c.Redirect(http.StatusMovedPermanently, finalURL)
+			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
+			return
+		}
+	}
+
+	for key, values := range resp.Header {
+		for _, value := range values {
+			c.Header(key, value)
+		}
+	}
+
+	headersToRemove := map[string]struct{}{
+		"Content-Security-Policy":   {},
+		"Referrer-Policy":           {},
+		"Strict-Transport-Security": {},
+	}
+
+	for header := range headersToRemove {
+		resp.Header.Del(header)
+	}
+
+	if cfg.CORS.Enabled {
+		c.Header("Access-Control-Allow-Origin", "*")
+	} else {
+		c.Header("Access-Control-Allow-Origin", "")
+	}
+
+	c.Status(resp.StatusCode)
+
+	// 使用固定32KB缓冲池
+	buffer := BufferPool.Get().([]byte)
+	defer BufferPool.Put(buffer)
+
+	_, err = io.CopyBuffer(c.Writer, resp.Body, buffer)
+	if err != nil {
+		logError("%s %s %s %s %s 响应复制错误: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+		return
+	} else {
+		c.Writer.Flush() // 确保刷入
+	}
+}

proxy/gitreq.go

@@ -0,0 +1,145 @@
+package proxy
+
+import (
+	"bytes"
+	"fmt"
+	"ghproxy/config"
+	"io"
+	"net/http"
+	"strconv"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+var (
+	gclient *http.Client
+	gtr     *http.Transport
+)
+
+func initGitHTTPClient() {
+	gtr = &http.Transport{
+		MaxIdleConns:    30,
+		MaxConnsPerHost: 30,
+		IdleConnTimeout: 30 * time.Second,
+	}
+	gclient = &http.Client{
+		Transport: gtr,
+	}
+}
+
+func GitReq(c *gin.Context, u string, cfg *config.Config, mode string, runMode string) {
+	method := c.Request.Method
+	logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+
+	// 创建HTTP客户端
+	//client := &http.Client{}
+
+	// 发送HEAD请求, 预获取Content-Length
+	headReq, err := http.NewRequest("HEAD", u, nil)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("创建HEAD请求失败: %v", err))
+		return
+	}
+	setRequestHeaders(c, headReq)
+	AuthPassThrough(c, cfg, headReq)
+
+	headResp, err := gclient.Do(headReq)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
+		return
+	}
+
+	// defer headResp.Body.Close()
+	defer func(Body io.ReadCloser) {
+		if err := Body.Close(); err != nil {
+			logError("Failed to close response body: %v", err)
+		}
+	}(headResp.Body)
+
+	contentLength := headResp.Header.Get("Content-Length")
+	sizelimit := cfg.Server.SizeLimit * 1024 * 1024
+	if contentLength != "" {
+		size, err := strconv.Atoi(contentLength)
+		if err == nil && size > sizelimit {
+			finalURL := headResp.Request.URL.String()
+			c.Redirect(http.StatusMovedPermanently, finalURL)
+			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
+			return
+		}
+	}
+
+	body, err := readRequestBody(c)
+	if err != nil {
+		HandleError(c, err.Error())
+		return
+	}
+
+	bodyReader := bytes.NewBuffer(body)
+
+	// 创建请求
+	req, err := http.NewRequest(method, u, bodyReader)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("创建请求失败: %v", err))
+		return
+	}
+	setRequestHeaders(c, req)
+	AuthPassThrough(c, cfg, req)
+
+	resp, err := gclient.Do(req)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
+		return
+	}
+	//defer resp.Body.Close()
+	defer func(Body io.ReadCloser) {
+		if err := Body.Close(); err != nil {
+			logError("Failed to close response body: %v", err)
+		}
+	}(resp.Body)
+
+	/*
+		if err := HandleResponseSize(resp, cfg, c); err != nil {
+			logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+			return
+		}
+	*/
+	contentLength = resp.Header.Get("Content-Length")
+	if contentLength != "" {
+		size, err := strconv.Atoi(contentLength)
+		if err == nil && size > sizelimit {
+			finalURL := resp.Request.URL.String()
+			c.Redirect(http.StatusMovedPermanently, finalURL)
+			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
+			return
+		}
+	}
+
+	for key, values := range resp.Header {
+		for _, value := range values {
+			c.Header(key, value)
+		}
+	}
+
+	headersToRemove := map[string]struct{}{
+		"Content-Security-Policy":   {},
+		"Referrer-Policy":           {},
+		"Strict-Transport-Security": {},
+	}
+
+	for header := range headersToRemove {
+		resp.Header.Del(header)
+	}
+
+	if cfg.CORS.Enabled {
+		c.Header("Access-Control-Allow-Origin", "*")
+	} else {
+		c.Header("Access-Control-Allow-Origin", "")
+	}
+
+	c.Status(resp.StatusCode)
+
+	if _, err := io.Copy(c.Writer, resp.Body); err != nil {
+		logError("%s %s %s %s %s Response-Copy-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+	}
+}

proxy/handler.go

@@ -0,0 +1,128 @@
+package proxy
+
+import (
+	"fmt"
+	"ghproxy/auth"
+	"ghproxy/config"
+	"ghproxy/rate"
+	"net/http"
+	"regexp"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *rate.IPRateLimiter, runMode string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 限制访问频率
+		if cfg.RateLimit.Enabled {
+
+			var allowed bool
+
+			switch cfg.RateLimit.RateMethod {
+			case "ip":
+				allowed = iplimiter.Allow(c.ClientIP())
+			case "total":
+				allowed = limiter.Allow()
+			default:
+				logWarning("Invalid RateLimit Method")
+				return
+			}
+
+			if !allowed {
+				c.JSON(http.StatusTooManyRequests, gin.H{"error": "Too Many Requests"})
+				logWarning("%s %s %s %s %s 429-TooManyRequests", c.ClientIP(), c.Request.Method, c.Request.URL.RequestURI(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
+				return
+			}
+		}
+
+		rawPath := strings.TrimPrefix(c.Request.URL.RequestURI(), "/") // 去掉前缀/
+		re := regexp.MustCompile(`^(http:|https:)?/?/?(.*)`)           // 匹配http://或https://开头的路径
+		matches := re.FindStringSubmatch(rawPath)                      // 匹配路径
+
+		// 匹配路径错误处理
+		if len(matches) < 3 {
+			errMsg := fmt.Sprintf("%s %s %s %s %s Invalid URL", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+			logWarning(errMsg)
+			c.String(http.StatusForbidden, "Invalid URL Format. Path: %s", rawPath)
+			return
+		}
+
+		// 制作url
+		rawPath = "https://" + matches[2]
+
+		username, repo := MatchUserRepo(rawPath, cfg, c, matches) // 匹配用户名和仓库名
+
+		logInfo("%s %s %s %s %s Matched-Username: %s, Matched-Repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, username, repo)
+		repouser := fmt.Sprintf("%s/%s", username, repo)
+
+		// 白名单检查
+		if cfg.Whitelist.Enabled {
+			whitelist := auth.CheckWhitelist(repouser, username, repo)
+			if !whitelist {
+				logErrMsg := fmt.Sprintf("%s %s %s %s %s Whitelist Blocked repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, repouser)
+				errMsg := fmt.Sprintf("Whitelist Blocked repo: %s", repouser)
+				c.JSON(http.StatusForbidden, gin.H{"error": errMsg})
+				logWarning(logErrMsg)
+				return
+			}
+		}
+
+		// 黑名单检查
+		if cfg.Blacklist.Enabled {
+			blacklist := auth.CheckBlacklist(repouser, username, repo)
+			if blacklist {
+				logErrMsg := fmt.Sprintf("%s %s %s %s %s Blacklist Blocked repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, repouser)
+				errMsg := fmt.Sprintf("Blacklist Blocked repo: %s", repouser)
+				c.JSON(http.StatusForbidden, gin.H{"error": errMsg})
+				logWarning(logErrMsg)
+				return
+			}
+		}
+
+		matches = CheckURL(rawPath, c)
+		if matches == nil {
+			c.AbortWithStatus(http.StatusNotFound)
+			logError("%s %s %s %s %s 404-NOMATCH", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+			return
+		}
+
+		// 若匹配api.github.com/repos/用户名/仓库名/路径, 则检查是否开启HeaderAuth
+		if exps[5].MatchString(rawPath) {
+			if cfg.Auth.AuthMethod != "header" || !cfg.Auth.Enabled {
+				c.JSON(http.StatusForbidden, gin.H{"error": "HeaderAuth is not enabled."})
+				logWarning("%s %s %s %s %s HeaderAuth-Error: HeaderAuth is not enabled.", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+				return
+			}
+		}
+
+		// 处理blob/raw路径
+		if exps[1].MatchString(rawPath) {
+			rawPath = strings.Replace(rawPath, "/blob/", "/raw/", 1)
+		}
+
+		// 鉴权
+		authcheck, err := auth.AuthHandler(c, cfg)
+		if !authcheck {
+			c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
+			logWarning("%s %s %s %s %s Auth-Error: %v", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+			return
+		}
+
+		// IP METHOD URL USERAGENT PROTO MATCHES
+		logInfo("%s %s %s %s %s Matches: %v", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, matches)
+
+		switch {
+		case exps[0].MatchString(rawPath), exps[1].MatchString(rawPath), exps[3].MatchString(rawPath), exps[4].MatchString(rawPath):
+			//ProxyRequest(c, rawPath, cfg, "chrome", runMode)
+			ChunkedProxyRequest(c, rawPath, cfg, "chrome", runMode) // dev test chunk
+		case exps[2].MatchString(rawPath):
+			//ProxyRequest(c, rawPath, cfg, "git", runMode)
+			GitReq(c, rawPath, cfg, "git", runMode)
+		default:
+			c.String(http.StatusForbidden, "Invalid input.")
+			fmt.Println("Invalid input.")
+			return
+		}
+	}
+}

proxy/matchrepo.go

@@ -0,0 +1,34 @@
+package proxy
+
+import (
+	"fmt"
+	"ghproxy/config"
+	"net/http"
+	"regexp"
+
+	"github.com/gin-gonic/gin"
+)
+
+// 预定义regex
+var (
+	pathRegex = regexp.MustCompile(`^([^/]+)/([^/]+)/([^/]+)/.*`)                                         // 匹配路径
+	gistRegex = regexp.MustCompile(`^(?:https?://)?gist\.github(?:usercontent|)\.com/([^/]+)/([^/]+)/.*`) // 匹配gist路径
+)
+
+// 提取用户名和仓库名
+func MatchUserRepo(rawPath string, cfg *config.Config, c *gin.Context, matches []string) (string, string) {
+	if gistMatches := gistRegex.FindStringSubmatch(rawPath); len(gistMatches) == 3 {
+		logInfo("%s %s %s %s %s Matched-Username: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, gistMatches[1])
+		return gistMatches[1], ""
+	}
+	// 定义路径
+	if pathMatches := pathRegex.FindStringSubmatch(matches[2]); len(pathMatches) >= 4 {
+		return pathMatches[2], pathMatches[3]
+	}
+
+	// 返回错误信息
+	errMsg := fmt.Sprintf("%s %s %s %s %s Invalid URL", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+	logWarning(errMsg)
+	c.String(http.StatusForbidden, "Invalid path; expected username/repo, Path: %s", rawPath)
+	return "", ""
+}

proxy/proxy.go

@@ -5,16 +5,9 @@ import (
 	"io"
 	"net/http"
 	"regexp"
-	"strconv"
-	"strings"
-
-	"ghproxy/auth"
-	"ghproxy/config"
-	"ghproxy/rate"
 
 	"github.com/WJQSERVER-STUDIO/go-utils/logger"
 	"github.com/gin-gonic/gin"
-	"github.com/imroc/req/v3"
 )
 
 // 日志模块
@@ -34,208 +27,6 @@ var exps = []*regexp.Regexp{
 	regexp.MustCompile(`^(?:https?://)?api\.github\.com/repos/([^/]+)/([^/]+)/.*`),
 }
 
-func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *rate.IPRateLimiter, runMode string) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		// 限制访问频率
-		if cfg.RateLimit.Enabled {
-
-			var allowed bool
-
-			switch cfg.RateLimit.RateMethod {
-			case "ip":
-				allowed = iplimiter.Allow(c.ClientIP())
-			case "total":
-				allowed = limiter.Allow()
-			default:
-				logWarning("Invalid RateLimit Method")
-				return
-			}
-
-			if !allowed {
-				c.JSON(http.StatusTooManyRequests, gin.H{"error": "Too Many Requests"})
-				logWarning("%s %s %s %s %s 429-TooManyRequests", c.ClientIP(), c.Request.Method, c.Request.URL.RequestURI(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
-				return
-			}
-		}
-
-		rawPath := strings.TrimPrefix(c.Request.URL.RequestURI(), "/")
-		re := regexp.MustCompile(`^(http:|https:)?/?/?(.*)`)
-		matches := re.FindStringSubmatch(rawPath)
-
-		if len(matches) < 3 {
-			errMsg := fmt.Sprintf("%s %s %s %s %s Invalid URL", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
-			logWarning(errMsg)
-			c.String(http.StatusForbidden, "Invalid URL Format. Path: %s", rawPath)
-			return
-		}
-
-		rawPath = "https://" + matches[2]
-
-		username, repo := MatchUserRepo(rawPath, cfg, c, matches)
-
-		logInfo("%s %s %s %s %s Matched-Username: %s, Matched-Repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, username, repo)
-		repouser := fmt.Sprintf("%s/%s", username, repo)
-
-		// 白名单检查
-		if cfg.Whitelist.Enabled {
-			whitelist := auth.CheckWhitelist(repouser, username, repo)
-			if !whitelist {
-				logErrMsg := fmt.Sprintf("%s %s %s %s %s Whitelist Blocked repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, repouser)
-				errMsg := fmt.Sprintf("Whitelist Blocked repo: %s", repouser)
-				c.JSON(http.StatusForbidden, gin.H{"error": errMsg})
-				logWarning(logErrMsg)
-				return
-			}
-		}
-
-		// 黑名单检查
-		if cfg.Blacklist.Enabled {
-			blacklist := auth.CheckBlacklist(repouser, username, repo)
-			if blacklist {
-				logErrMsg := fmt.Sprintf("%s %s %s %s %s Whitelist Blocked repo: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, repouser)
-				errMsg := fmt.Sprintf("Blacklist Blocked repo: %s", repouser)
-				c.JSON(http.StatusForbidden, gin.H{"error": errMsg})
-				logWarning(logErrMsg)
-				return
-			}
-		}
-
-		matches = CheckURL(rawPath, c)
-		if matches == nil {
-			c.AbortWithStatus(http.StatusNotFound)
-			logError("%s %s %s %s %s 404-NOMATCH", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
-			return
-		}
-
-		// 若匹配api.github.com/repos/用户名/仓库名/路径, 则检查是否开启HeaderAuth
-		if exps[5].MatchString(rawPath) {
-			if cfg.Auth.AuthMethod != "header" || !cfg.Auth.Enabled {
-				c.JSON(http.StatusForbidden, gin.H{"error": "HeaderAuth is not enabled."})
-				logWarning("%s %s %s %s %s HeaderAuth-Error: HeaderAuth is not enabled.", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
-				return
-			}
-		}
-
-		// 处理blob/raw路径
-		if exps[1].MatchString(rawPath) {
-			rawPath = strings.Replace(rawPath, "/blob/", "/raw/", 1)
-		}
-
-		// 鉴权
-		authcheck, err := auth.AuthHandler(c, cfg)
-		if !authcheck {
-			c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
-			logWarning("%s %s %s %s %s Auth-Error: %v", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
-			return
-		}
-
-		// IP METHOD URL USERAGENT PROTO MATCHES
-		logInfo("%s %s %s %s %s Matches: %v", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, matches)
-
-		switch {
-		case exps[0].MatchString(rawPath), exps[1].MatchString(rawPath), exps[3].MatchString(rawPath), exps[4].MatchString(rawPath):
-			ProxyRequest(c, rawPath, cfg, "chrome", runMode)
-		case exps[2].MatchString(rawPath):
-			ProxyRequest(c, rawPath, cfg, "git", runMode)
-		default:
-			c.String(http.StatusForbidden, "Invalid input.")
-			fmt.Println("Invalid input.")
-			return
-		}
-	}
-}
-
-// 提取用户名和仓库名
-func MatchUserRepo(rawPath string, cfg *config.Config, c *gin.Context, matches []string) (string, string) {
-	var gistregex = regexp.MustCompile(`^(?:https?://)?gist\.github(?:usercontent|)\.com/([^/]+)/([^/]+)/.*`)
-	var gistmatches []string
-	if gistregex.MatchString(rawPath) {
-		gistmatches = gistregex.FindStringSubmatch(rawPath)
-		logInfo("%s %s %s %s %s Matched-Username: %s", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto, gistmatches[1])
-		return gistmatches[1], ""
-	}
-	// 定义路径
-	pathRegex := regexp.MustCompile(`^([^/]+)/([^/]+)/([^/]+)/.*`)
-	if pathMatches := pathRegex.FindStringSubmatch(matches[2]); len(pathMatches) >= 4 {
-		return pathMatches[2], pathMatches[3]
-	}
-
-	// 返回错误信息
-	errMsg := fmt.Sprintf("%s %s %s %s %s Invalid URL", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
-	logWarning(errMsg)
-	c.String(http.StatusForbidden, "Invalid path; expected username/repo, Path: %s", rawPath)
-	return "", ""
-}
-
-func ProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string, runMode string) {
-	method := c.Request.Method
-	logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto)
-
-	client := createHTTPClient(mode)
-	if runMode == "dev" {
-		client.DevMode()
-	}
-
-	// 发送HEAD请求, 预获取Content-Length
-	headReq := client.R()
-	setRequestHeaders(c, headReq)
-	authPassThrough(c, cfg, headReq)
-
-	headResp, err := headReq.Head(u)
-	if err != nil {
-		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
-		return
-	}
-	defer headResp.Body.Close()
-
-	if err := HandleResponseSize(headResp, cfg, c); err != nil {
-		logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
-		return
-	}
-
-	body, err := readRequestBody(c)
-	if err != nil {
-		HandleError(c, err.Error())
-		return
-	}
-
-	req := client.R().SetBody(body)
-	setRequestHeaders(c, req)
-	authPassThrough(c, cfg, req)
-
-	resp, err := SendRequest(c, req, method, u)
-	if err != nil {
-		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
-		return
-	}
-	defer resp.Body.Close()
-
-	if err := HandleResponseSize(resp, cfg, c); err != nil {
-		logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
-		return
-	}
-
-	CopyResponseHeaders(resp, c, cfg)
-	c.Status(resp.StatusCode)
-	if err := copyResponseBody(c, resp.Body); err != nil {
-		logError("%s %s %s %s %s Response-Copy-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
-	}
-}
-
-// 判断并选择TLS指纹
-func createHTTPClient(mode string) *req.Client {
-	client := req.C()
-	switch mode {
-	case "chrome":
-		client.SetUserAgent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36").
-			SetTLSFingerprintChrome().
-			ImpersonateChrome()
-	case "git":
-		client.SetUserAgent("git/2.33.1")
-	}
-	return client
-}
-
 // 读取请求体
 func readRequestBody(c *gin.Context) ([]byte, error) {
 	body, err := io.ReadAll(c.Request.Body)
@@ -246,72 +37,7 @@ func readRequestBody(c *gin.Context) ([]byte, error) {
 	return body, nil
 }
 
-// 设置请求头
-func setRequestHeaders(c *gin.Context, req *req.Request) {
-	for key, values := range c.Request.Header {
-		for _, value := range values {
-			req.SetHeader(key, value)
-		}
-	}
-}
-
 /*
-	func authPassThrough(c *gin.Context, cfg *config.Config, req *req.Request) {
-		if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "parameters" && !cfg.Auth.Enabled {
-			// only mode
-			token := c.Query("token")
-			req.SetHeader("Authorization", "token "+token)
-		} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "header" && cfg.Auth.Enabled {
-			// mix mode
-			token := c.Query("token")
-			req.SetHeader("Authorization", "token "+token)
-		} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "parameters" && cfg.Auth.Enabled {
-			// conflict
-			logWarning("%s %s %s %s %s Auth-Error: Conflict Auth Method", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
-			c.JSON(http.StatusForbidden, gin.H{"error": "Conflict Auth Method"})
-			return
-		} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "header" && !cfg.Auth.Enabled {
-			// only mode
-			token := c.Query("token")
-			req.SetHeader("Authorization", "token "+token)
-		}
-	}
-*/
-
-func authPassThrough(c *gin.Context, cfg *config.Config, req *req.Request) {
-	if cfg.Auth.PassThrough {
-		token := c.Query("token")
-		if token != "" {
-			switch cfg.Auth.AuthMethod {
-			case "parameters":
-				if !cfg.Auth.Enabled {
-					req.SetHeader("Authorization", "token "+token)
-				} else {
-					logWarning("%s %s %s %s %s Auth-Error: Conflict Auth Method", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
-					// 500 Internal Server Error
-					c.JSON(http.StatusInternalServerError, gin.H{"error": "Conflict Auth Method"})
-					return
-				}
-			case "header":
-				if cfg.Auth.Enabled {
-					req.SetHeader("Authorization", "token "+token)
-				}
-			default:
-				logWarning("%s %s %s %s %s Invalid Auth Method / Auth Method is not be set", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
-				// 500 Internal Server Error
-				c.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid Auth Method / Auth Method is not be set"})
-				return
-			}
-		}
-	}
-}
-
-// 复制响应体
-func copyResponseBody(c *gin.Context, respBody io.Reader) error {
-	_, err := io.Copy(c.Writer, respBody)
-	return err
-}
-
 func SendRequest(c *gin.Context, req *req.Request, method, url string) (*req.Response, error) {
 	switch method {
 	case "GET":
@@ -329,69 +55,7 @@ func SendRequest(c *gin.Context, req *req.Request, method, url string) (*req.Res
 		return nil, fmt.Errorf(errmsg)
 	}
 }
-
-func HandleResponseSize(resp *req.Response, cfg *config.Config, c *gin.Context) error {
-	contentLength := resp.Header.Get("Content-Length")
-	sizelimit := cfg.Server.SizeLimit * 1024 * 1024
-	if contentLength != "" {
-		size, err := strconv.Atoi(contentLength)
-		if err == nil && size > sizelimit {
-			finalURL := resp.Request.URL.String()
-			c.Redirect(http.StatusMovedPermanently, finalURL)
-			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
-			return fmt.Errorf("Path: %s size limit exceeded: %d", finalURL, size)
-		}
-	}
-	return nil
-}
-
-func CopyResponseHeaders(resp *req.Response, c *gin.Context, cfg *config.Config) {
-
-	copyHeaders(resp, c)
-
-	removeHeaders(resp)
-
-	setCORSHeaders(c, cfg)
-
-	setDefaultHeaders(c)
-}
-
-// 移除指定响应头
-func removeHeaders(resp *req.Response) {
-	headersToRemove := map[string]struct{}{
-		"Content-Security-Policy":   {},
-		"Referrer-Policy":           {},
-		"Strict-Transport-Security": {},
-	}
-
-	for header := range headersToRemove {
-		resp.Header.Del(header)
-	}
-}
-
-// 复制响应头
-func copyHeaders(resp *req.Response, c *gin.Context) {
-	for key, values := range resp.Header {
-		for _, value := range values {
-			c.Header(key, value)
-		}
-	}
-}
-
-// CORS配置
-func setCORSHeaders(c *gin.Context, cfg *config.Config) {
-	if cfg.CORS.Enabled {
-		c.Header("Access-Control-Allow-Origin", "*")
-	} else {
-		c.Header("Access-Control-Allow-Origin", "")
-	}
-}
-
-// 默认响应
-func setDefaultHeaders(c *gin.Context) {
-	c.Header("Age", "10")
-	c.Header("Cache-Control", "max-age=300")
-}
+*/
 
 func HandleError(c *gin.Context, message string) {
 	c.String(http.StatusInternalServerError, fmt.Sprintf("server error %v", message))
@@ -408,3 +72,21 @@ func CheckURL(u string, c *gin.Context) []string {
 	logWarning(errMsg)
 	return nil
 }
+
+/*
+// 处理响应大小
+func HandleResponseSize(resp *http.Response, cfg *config.Config, c *gin.Context) error {
+	contentLength := resp.Header.Get("Content-Length")
+	sizelimit := cfg.Server.SizeLimit * 1024 * 1024
+	if contentLength != "" {
+		size, err := strconv.Atoi(contentLength)
+		if err == nil && size > sizelimit {
+			finalURL := resp.Request.URL.String()
+			c.Redirect(http.StatusMovedPermanently, finalURL)
+			logWarning("%s %s %s %s %s Final-URL: %s Size-Limit-Exceeded: %d", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto, finalURL, size)
+			return fmt.Errorf("Path: %s size limit exceeded: %d", finalURL, size)
+		}
+	}
+	return nil
+}
+*/

proxy/proxyreq.go

@@ -0,0 +1,79 @@
+package proxy
+
+/*
+func ProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string, runMode string) {
+	method := c.Request.Method
+	logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+
+	client := createHTTPClient(mode)
+	if runMode == "dev" {
+		client.DevMode()
+	}
+
+	// 发送HEAD请求, 预获取Content-Length
+	headReq := client.R()
+	setRequestHeaders(c, headReq)
+	AuthPassThrough(c, cfg, headReq)
+
+	headResp, err := headReq.Head(u)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
+		return
+	}
+	defer headResp.Body.Close()
+
+	if err := HandleResponseSize(headResp, cfg, c); err != nil {
+		logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+		return
+	}
+
+	body, err := readRequestBody(c)
+	if err != nil {
+		HandleError(c, err.Error())
+		return
+	}
+
+	req := client.R().SetBody(body)
+	setRequestHeaders(c, req)
+	AuthPassThrough(c, cfg, req)
+
+	resp, err := SendRequest(c, req, method, u)
+	if err != nil {
+		HandleError(c, fmt.Sprintf("Failed to send request: %v", err))
+		return
+	}
+	defer resp.Body.Close()
+
+	if err := HandleResponseSize(resp, cfg, c); err != nil {
+		logWarning("%s %s %s %s %s Response-Size-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+		return
+	}
+
+	CopyResponseHeaders(resp, c, cfg)
+	c.Status(resp.StatusCode)
+	if err := copyResponseBody(c, resp.Body); err != nil {
+		logError("%s %s %s %s %s Response-Copy-Error: %v", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto, err)
+	}
+}
+
+// 复制响应体
+func copyResponseBody(c *gin.Context, respBody io.Reader) error {
+	_, err := io.Copy(c.Writer, respBody)
+	return err
+}
+
+// 判断并选择TLS指纹
+func createHTTPClient(mode string) *req.Client {
+	client := req.C()
+	switch mode {
+	case "chrome":
+		client.SetUserAgent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36").
+			SetTLSFingerprintChrome().
+			ImpersonateChrome()
+	case "git":
+		client.SetUserAgent("git/2.33.1")
+	}
+	return client
+}
+
+*/

proxy/reqheader.go

@@ -0,0 +1,21 @@
+package proxy
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+// 设置请求头
+func setRequestHeaders(c *gin.Context, req *http.Request) {
+	for key, values := range c.Request.Header {
+		for _, value := range values {
+			req.Header.Set(key, value)
+		}
+	}
+}
+
+func removeWSHeader(req *http.Request) {
+	req.Header.Del("Upgrade")
+	req.Header.Del("Connection")
+}