chore: allow unsafe path for provider by environment variable

adapter/provider/parser.go

@@ -67,7 +67,7 @@ func ParseProxyProvider(name string, mapping map[string]any) (types.ProxyProvide
 	case "file":
 		vehicle = resource.NewFileVehicle(path)
 	case "http":
-		if !C.Path.IsSubPath(path) {
+		if !C.Path.IsSafePath(path) {
 			return nil, fmt.Errorf("%w: %s", errSubPath, path)
 		}
 		vehicle = resource.NewHTTPVehicle(schema.URL, path)

constant/path.go

@@ -20,14 +20,15 @@ var Path = func() *path {
 	if err != nil {
 		homeDir, _ = os.Getwd()
 	}
-
+	allowUnsafePath := strings.TrimSpace(os.Getenv("SKIP_SAFE_PATH_CHECK")) == "1"
 	homeDir = P.Join(homeDir, ".config", Name)
-	return &path{homeDir: homeDir, configFile: "config.yaml"}
+	return &path{homeDir: homeDir, configFile: "config.yaml", allowUnsafePath: allowUnsafePath}
 }()
 
 type path struct {
 	homeDir         string
 	configFile      string
+	allowUnsafePath bool
 }
 
 // SetHomeDir is used to set the configuration path
@@ -56,8 +57,11 @@ func (p *path) Resolve(path string) string {
 	return path
 }
 
-// IsSubPath return true if path is a subpath of homedir
+// IsSafePath return true if path is a subpath of homedir
-func (p *path) IsSubPath(path string) bool {
+func (p *path) IsSafePath(path string) bool {
+	if p.allowUnsafePath {
+		return true
+	}
 	homedir := p.HomeDir()
 	path = p.Resolve(path)
 	rel, err := filepath.Rel(homedir, path)

docs/config.yaml

@@ -773,7 +773,7 @@ proxy-providers:
     type: http
     url: "url"
     interval: 3600
-    path: ./provider1.yaml
+    path: ./provider1.yaml # 默认只允许存储在 clash 的 Home Dir，如果想存储到任意位置，添加环境变量 SKIP_SAFE_PATH_CHECK=1 
     health-check:
       enable: true
       interval: 600
@@ -790,7 +790,7 @@ rule-providers:
   rule1:
     behavior: classical # domain ipcidr
     interval: 259200
-    path: /path/to/save/file.yaml
+    path: /path/to/save/file.yaml # 默认只允许存储在 clash 的 Home Dir，如果想存储到任意位置，添加环境变量 SKIP_SAFE_PATH_CHECK=1 
     type: http
     url: "url"
   rule2: