### URL Rewrite Rules Example Source: https://manual.nssurge.com/http-processing/url-rewrite.html This example demonstrates the basic syntax for URL rewrite rules, including header mode, 302 redirect, and reject mode. ```plaintext [URL Rewrite] ^http://www.google.cn http://www.google.com header ^http://yachen.com https://yach.me 302 ^http://ad.com/ad.png _ reject ``` -------------------------------- ### JavaScript Rule Example Source: https://manual.nssurge.com/scripting/rule.html A simple JavaScript example for a script rule. It checks if the hostname matches 'home.com' and the Wi-Fi SSID matches 'My Home'. The script must return an object with a 'matched' property. ```javascript var hostnameMatched = ($request.hostname === 'home.com'); var ssidMatched = ($network.wifi.ssid === 'My Home'); $done({matched: (hostnameMatched && ssidMatched)}); ``` -------------------------------- ### Basic Header Rewrite Examples Source: https://manual.nssurge.com/http-processing/header-rewrite.html Demonstrates various header rewrite actions including adding, deleting, and replacing headers for HTTP requests and responses. The old versions of Surge only supported request modification and omitted the http-request directive. ```plaintext [Header Rewrite] http-request ^http://example.com header-add DNT 1 http-request ^http://example.com header-del Cookie http-request ^http://example.com header-replace User-Agent Unknown http-response ^http://example.com header-replace-regex Date 2022 2023 ``` ```plaintext [Header Rewrite] ^http://example.com header-add DNT 1 ``` -------------------------------- ### Cron Job Example Source: https://manual.nssurge.com/scripting/cron.html This example demonstrates how to set a cron job to execute a script at a specific time. The cron expression '0 2 * * *' schedules the script to run daily at 2 AM. Ensure the script path is correctly specified. ```javascript // cron "0 2 * * *" script-path=cron.js $surge.setSelectGroupPolicy('Group', 'Proxy'); $done(); ``` -------------------------------- ### Subnet Rule Examples Source: https://manual.nssurge.com/rule/subnet.html Examples of SUBNET rules. The first rule matches all wired networks directly. The second rule matches a specific Wi-Fi SSID using a proxy. ```plaintext SUBNET,TYPE:WIRED,DIRECT ``` ```plaintext SUBNET,SSID:MyHome,Proxy ``` -------------------------------- ### DNSPod DNS Resolver Script Example Source: https://manual.nssurge.com/scripting/dns.html This JavaScript snippet demonstrates how to use the DNSPod HTTP DNS API to resolve domains. It handles potential errors and returns resolved IP addresses with a cache TTL. ```javascript $httpClient.get('http://119.29.29.29/d?dn=' + $domain, function(error, response, data){ if (error) { $done({}); // Fallback to standard DND query } else { $done({addresses: data.split(';'), ttl: 600}); } }); ``` -------------------------------- ### Combine Rules with AND, OR, NOT in Surge Source: https://manual.nssurge.com/book/understanding-surge/cn Use logical operators AND, OR, and NOT to combine different rule types for complex matching scenarios. This example blocks UDP packets from Google Chrome. ```Surge Configuration AND,((PROCESS-NAME,Google Chrome),(PROTOCOL,UDP)),REJECT ``` -------------------------------- ### External Proxy Policy Definition (Surge Mac) Source: https://manual.nssurge.com/book/understanding-surge/cn Defines an external proxy policy that executes an external program to handle proxy requests. Surge forwards requests to a local SOCKS5 proxy started by the external program. ```plaintext External = external, exec = "/usr/local/bin/local", args = "-c", args = "/usr/local/etc/config.json", local-port = 1080, addresses = 11.22.33.44 ``` -------------------------------- ### Configure HTTP POST Request Options Source: https://manual.nssurge.com/scripting/common.html Set up an HTTP POST request using an options object, specifying the URL, headers, body, and timeout. ```javascript { url: "http://www.example.com/", headers: { Content-Type: "application/json" }, body: "{}", timeout: 5 } ``` -------------------------------- ### Mock HTTP Server Responses with Map Local Source: https://manual.nssurge.com/http-processing/mock.html Define rules to mock HTTP server responses. Each line specifies a URL pattern and the response details. ```surge [Map Local] ^http://surgetest\.com/json data-type=text data="{}" status-code=500 ^http://surgetest\.com/gif data-type=tiny-gif status-code=200 ^http://surgetest\.com/file data-type=file data="data/map-local.json" header="a:b|foo:bar" ^http://surgetest\.com/base64 data="dGVzdA==" data-type=base64 ``` -------------------------------- ### Combine Add and Delete Header Actions Source: https://manual.nssurge.com/http-processing/header-rewrite.html Illustrates how to effectively replace a header by first deleting it and then adding it with the new value. This ensures the header is updated correctly. ```plaintext [Header Rewrite] ^http://example.com header-del DNT ^http://example.com header-add DNT 1 ``` -------------------------------- ### Append System DNS Servers Source: https://manual.nssurge.com/dns/dns-override.html Use the 'system' keyword to include the operating system's DNS servers in addition to custom ones. Duplicate servers will be automatically ignored. ```ini [General] dns-server = system, 8.8.8.8, 8.8.4.4 ``` -------------------------------- ### Enable TCP Fast Open Source: https://manual.nssurge.com/policy/parameters.html Enable TCP Fast Open (TFO) by setting the 'tfo' parameter to true. This can improve connection establishment speed. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, tfo=true ``` -------------------------------- ### Basic Information Source: https://manual.nssurge.com/scripting/common.html Provides access to network environment details and script execution context. ```APIDOC ## Basic Information ### `$network` The object contains the detail of the network environment. ### `$script` - `$script.name`: The script name which is being evaluated. - `$script.startTime`: The time when the current script starts. - `$script.type`: The type of the current script. ### `$environment` - `$environment.system`: iOS or macOS. - `$environment.surge-build`: The build number of Surge. - `$environment.surge-version`: The short version number of Surge. - `$environment.language`: The current UI language of Surge. - `$environment.device-model`: The current device model. iOS 5.9.0+ Mac 5.5.0+ ``` -------------------------------- ### $httpClient Source: https://manual.nssurge.com/scripting/common.html Provides functionality to initiate HTTP requests from within scripts. ```APIDOC ## $httpClient ### `$httpClient.post(URL or options, callback)` Start an HTTP POST request. The first parameter can be a URL or object. An example object may look like that. ``` { url: "http://www.example.com/", headers: { Content-Type: "application/json" }, body: "{}", timeout: 5 } ``` When using an object as an option list. The `url` is required. If the `headers` field exists, it overwrites all existing header fields. `body` can be a string or object. When presenting an object, it is encoded to JSON string, and the 'Content-Type' is set to `application/json`. ``` -------------------------------- ### Basic Local DNS Mapping Source: https://manual.nssurge.com/dns/local-dns-mapping.html Define custom IP addresses for specific domains or wildcard sub-domains. Supports simple string matching for wildcards. ```Surge Configuration [Host] abc.com = 1.2.3.4 *.dev = 6.7.8.9 foo.com = bar.com bar.com = server:8.8.8.8 ``` -------------------------------- ### Using System DNS Resolver Source: https://manual.nssurge.com/dns/local-dns-mapping.html Configure a hostname to be resolved by the system's default DNS resolver. Useful when Surge's internal DNS client encounters issues. ```Surge Configuration [Host] Macbook = server:system ``` -------------------------------- ### Configure DNS Script in Surge Source: https://manual.nssurge.com/scripting/dns.html Use this configuration to set a JavaScript file as a DNS resolver for specific domains. The script path is specified in the configuration. ```ini dns dnspod script-path=dnspod.js ``` ```ini [Host] example.com = script:dnspod *.example.com = script:dnspod ``` -------------------------------- ### Configure Encrypted DNS for All Domains Source: https://manual.nssurge.com/dns/doh.html Set a primary encrypted DNS server for all domain lookups. Multiple servers can be specified, separated by commas. ```ini [General] encrypted-dns-server = https://8.8.8.8/dns-query ``` -------------------------------- ### Enable DNS to Follow Interface Source: https://manual.nssurge.com/policy/parameters.html The 'dns-follow-interface' parameter makes the 'interface' parameter of the policy also take effect for DNS queries. This requires iOS 5.15.2+ or Mac 5.2.0+. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, interface = en2, dns-follow-interface=true ``` -------------------------------- ### Define External Proxy Policy Source: https://manual.nssurge.com/policy/external-proxy.html Use the `external` policy type to configure an external proxy. Specify the executable path with `exec` and its arguments with `args`. `local-port` is required for Surge to forward traffic to the external process. The `addresses` parameter is optional for excluding specific IPs from VIF routes. ```Surge Configuration [Proxy] external = external, exec = "/usr/bin/ssh", args = "11.22.33.44", args = "-D", args = "127.0.0.1:1080", local-port = 1080, addresses = 11.22.33.44 ``` -------------------------------- ### Direct Policy with VPN Interface Source: https://manual.nssurge.com/book/understanding-surge/cn Configures a 'direct' policy to use a specific VPN interface (utun1) and allows fallback to the default interface if utun1 is unavailable. ```plaintext [Proxy] CorpVPN = direct, interface=utun1, allow-other-interface=true [Rule] DOMAIN-SUFFIX,internal.corp.com,CorpVPN ``` -------------------------------- ### Define HTTP and Cron Scripts Source: https://manual.nssurge.com/scripting/common.html Configure different types of scripts, including HTTP response, cron jobs, HTTP requests, and DNS scripts, by specifying their type, pattern, and script path. ```plaintext [Script] script1 = type=http-response,pattern=^http://www.example.com/test,script-path=test.js,max-size=16384,debug=true script2 = type=cron,cronexp="* * * * *",script-path=fired.js script3 = type=http-request,pattern=^http://httpbin.org,script-path=http-request.js,max-size=16384,debug=true,requires-body=true script4 = type=dns,script-path=dns.js,debug=true ``` -------------------------------- ### Using System Library DNS Resolver Source: https://manual.nssurge.com/dns/local-dns-mapping.html Forward DNS queries to the system's DNS servers via Surge's internal library, especially useful in enhanced mode to bypass traditional system resolvers. ```Surge Configuration [Host] Macbook = server:syslib ``` -------------------------------- ### Wildcard DNS Mapping Source: https://manual.nssurge.com/dns/local-dns-mapping.html Use a wildcard prefix to map all sub-domains of a given domain. Note that '*' prefix matches the domain itself and its sub-domains. ```Surge Configuration [Host] *.dev = 6.7.8.9 ``` -------------------------------- ### Configure MITM with CA Certificate and Passphrase Source: https://manual.nssurge.com/http-processing/mitm.html Use this configuration to enable Man-in-the-Middle decryption with a custom CA certificate and passphrase. Ensure the CA certificate is properly exported to PKCS#12 format and encoded in base64. ```ini [MITM] ca-p12 = MIIJtQ......... ca-passphrase = password hostname = *google.com h2 = true ``` -------------------------------- ### Configure Encrypted DNS with Proxy Support Source: https://manual.nssurge.com/dns/doh.html Enable encrypted DNS connections to follow the system's outbound proxy settings. This is useful for querying DoH servers through a proxy. ```ini [General] encrypted-dns-follow-outbound-mode=true ``` -------------------------------- ### Load-Balance Policy Group Configuration Source: https://manual.nssurge.com/book/understanding-surge/cn Configures a load-balance policy group that randomly selects a proxy. If 'url' is set, it first checks availability and then selects randomly from available proxies. 'persistent=true' attempts to use the same proxy for the same hostname. ```plaintext persistent = true url = "http://www.google.com/generate_204" timeout = 5 ``` -------------------------------- ### Assigning Specific DNS Server Source: https://manual.nssurge.com/dns/local-dns-mapping.html Map a domain to a specific DNS server, such as Google's public DNS. This overrides the default DNS resolution for the specified domain. ```Surge Configuration [Host] bar.com = server:8.8.8.8 ``` -------------------------------- ### Alias DNS Mapping Source: https://manual.nssurge.com/dns/local-dns-mapping.html Create CNAME-like records to map one domain to another. This allows aliasing domain names. ```Surge Configuration [Host] foo.com = bar.com ``` -------------------------------- ### Enable Hybrid Connection (iOS Only) Source: https://manual.nssurge.com/policy/parameters.html The 'hybrid' parameter, available only on iOS, sets up the connection with cellular data and Wi-Fi simultaneously, using the faster link. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, hybrid=true ``` -------------------------------- ### Configure Binary Mode for HTTP Requests Source: https://manual.nssurge.com/scripting/common.html Set `binary-mode` to true to receive response data as a TypedArray instead of a String. This is useful for handling binary data efficiently. ```javascript { url: "http://www.example.com/", binary-mode: true } ``` -------------------------------- ### Post a Notification with Options Source: https://manual.nssurge.com/scripting/common.html Post a notification with custom title, subtitle, and body. Advanced options include actions like opening URLs or copying to clipboard, media attachments, and auto-dismissal. ```javascript $notification.post("Notification Title", "Subtitle", "Body", { action: "open-url", url: "http://example.com" }); ``` ```javascript $notification.post("Notification Title", "Subtitle", "Body", { action: "clipboard", text: "Content to copy" }); ``` ```javascript $notification.post("Notification Title", "Subtitle", "Body", { "media-url": "http://example.com/image.png" }); ``` ```javascript $notification.post("Notification Title", "Subtitle", "Body", { "media-base64": "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII=", "media-base64-mime": "image/png" }); ``` ```javascript $notification.post("Notification Title", "Subtitle", "Body", { "auto-dismiss": true }); ``` ```javascript $notification.post("Notification Title", "Subtitle", "Body", { sound: true }); ``` -------------------------------- ### Persistent Store Source: https://manual.nssurge.com/scripting/common.html APIs for reading and writing data persistently, allowing data sharing between scripts. ```APIDOC ## Persistent Store ### `$persistentStore.write(data, [key])` Save data permanently. Only a string is allowed. Return true if successes. ### `$persistentStore.read([key])` Get the saved data. Return a string or Null. If the key is undefined, the script with the same script-path shares the storage pool. Data can be shared among different scripts when using a key. Tips: Surge Mac writes the $persistentStore data to the directory `~/Library/Application Support/com.nssurge.surge-mac/SGJSVMPersistentStore/`. You may edit the files here directly for debugging. ``` -------------------------------- ### URL-Test Policy Group Configuration Source: https://manual.nssurge.com/book/understanding-surge/cn Configures a url-test policy group that selects the fastest available proxy based on latency tests to a specified URL. 'evaluate-before-use=true' ensures a proxy is selected only after tests complete. ```plaintext url = "http://www.google.com/generate_204" timeout = 10 interval = 600 tolerance = 10 evaluate-before-use = true ``` -------------------------------- ### Configure Client Source Address for MITM Source: https://manual.nssurge.com/http-processing/mitm.html Specify which clients should have Man-in-the-Middle enabled. This parameter supports single IP addresses, CIDR blocks (IPv4/IPv6), and exclusion prefixes. If not set, MITM is enabled for all clients. ```plaintext client-source-address = -192.168.1.2, 0.0.0.0/0 ``` -------------------------------- ### Configure Hostname Filtering for MITM Source: https://manual.nssurge.com/http-processing/mitm.html Define which hosts Surge should intercept for Man-in-the-Middle decryption. Use wildcards and prefixes for inclusion/exclusion. For detailed rules, refer to the Host List Parameter Type documentation. ```plaintext hostname = -*.apple.com, -*.icloud.com, * ``` -------------------------------- ### Configure IP Version for Proxy Connection Source: https://manual.nssurge.com/policy/parameters.html The 'ip-version' parameter controls the behavior between IPv4 and IPv6 protocols for the connection to the proxy server. Options include 'dual', 'v4-only', 'v6-only', 'prefer-v4', and 'prefer-v6'. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, ip-version=v4-only ``` -------------------------------- ### Use Local DNS Item for Proxy Requests Source: https://manual.nssurge.com/dns/local-dns-mapping.html Enable the 'use-local-host-item-for-proxy' option to make Surge send proxy requests with local IP addresses for matched local DNS records instead of original domains. This only applies to local DNS mappings using an IP address. ```Surge Configuration [General] use-local-host-item-for-proxy=true ``` -------------------------------- ### Configure Encrypted DNS for Specified Domains Source: https://manual.nssurge.com/dns/doh.html Assign a specific encrypted DNS server to a particular domain. This allows for granular control over DNS resolution. ```ini [Host] example.com = server:https://cloudflare-dns.com/dns-query ``` -------------------------------- ### Direct Policy for Network Interface Selection (Surge Mac) Source: https://manual.nssurge.com/book/understanding-surge/cn Forces requests to use a specific network interface. 'allow-other-interface=false' will disconnect if the specified interface is not found. ```plaintext PolicyName = direct, interface=en2, allow-other-interface=false ``` -------------------------------- ### Configure Script Rule Source: https://manual.nssurge.com/scripting/rule.html Defines a rule named 'ssid-rule' that uses the 'ssid-rule.js' script. The script will be used to determine traffic routing. ```config rule ssid-rule script-path=ssid-rule.js ``` ```config SCRIPT,ssid-rule,DIRECT ``` -------------------------------- ### Enable ECN Support Source: https://manual.nssurge.com/policy/parameters.html Enable ECN (Explicit Congestion Notification) support with the 'ecn' parameter. This can improve bandwidth performance in high packet loss environments but may cause connection failure in unsupported environments. Requires iOS 5.8.0+ or Mac 5.4.0+. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, ecn=true ``` -------------------------------- ### Specify Outgoing Network Interface for Direct Policy Source: https://manual.nssurge.com/policy/parameters.html Direct policy aliases also support the 'interface' parameter. If the desired interface is unavailable, Surge can be allowed to use the default interface by setting 'allow-other-interface' to true. ```plaintext [Proxy] Corp-VPN = direct, interface = utun0 ``` ```plaintext WiFi = direct, interface = en2, allow-other-interface=true ``` -------------------------------- ### Configure Script Rule with DNS Resolution Source: https://manual.nssurge.com/scripting/rule.html Enables DNS resolution for a script rule named 'ssid-rule'. This allows the script to access DNS results via the $request.dnsResult object. ```config SCRIPT,ssid-rule,DIRECT,requires-resolve ``` -------------------------------- ### Basic HTTP Request/Response Body Rewrite Source: https://manual.nssurge.com/http-processing/body-rewrite.html Use this for simple text replacements in HTTP request or response bodies based on URL matching. Supports consecutive replacements. ```plaintext [Body Rewrite] http-request ^http(s)?://example\.com value abc http-response ^http(s)?://example\.com documents Surge ``` ```plaintext http-response ^https?://example\.com/ regex1 replacement1 regex2 replacement2 ``` ```plaintext http-response ^https?://example\.com/ regex1 replacement1 regex2 replacement2 regex3 replacement3 … ``` -------------------------------- ### Override UDP Test Settings Source: https://manual.nssurge.com/policy/parameters.html Use 'test-udp' to override the global 'proxy-test-udp' settings for a proxy. Surge tests UDP relay performance by performing a DNS lookup. ```plaintext test-udp=google.com@1.1.1.1 ``` -------------------------------- ### Referencing Remote Rule Sets for DNS Mapping Source: https://manual.nssurge.com/dns/local-dns-mapping.html Bind remote DOMAIN-SET or RULE-SET files to DNS mapping entries. This allows sharing upstream or IP mappings with managed lists, useful for DOH/DOQ assignments. ```Surge Configuration [Host] DOMAIN-SET:https://example.com/domains.txt = server:https://doh.example.com/dns-query RULE-SET:https://example.com/rules.txt = 10.0.0.10 ``` -------------------------------- ### Customize IP TOS Value Source: https://manual.nssurge.com/policy/parameters.html Use the 'tos' parameter to customize the IP TOS (Type of Service) value. It accepts decimal or hexadecimal input. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, tos=0x10 ``` -------------------------------- ### Specify Outgoing Network Interface for Proxy Policy Source: https://manual.nssurge.com/policy/parameters.html Use the 'interface' parameter to force a specified outgoing network interface for proxy policies. Ensure the interface has a valid route table for the destination address. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, interface = en2 ``` -------------------------------- ### Fallback Policy Group Configuration Source: https://manual.nssurge.com/book/understanding-surge/cn Configures a fallback policy group that selects the first available proxy from the list, prioritizing availability over latency. 'timeout' can be adjusted to mark slow proxies as unavailable. ```plaintext url = "http://www.google.com/generate_204" timeout = 2 ``` -------------------------------- ### Define Policy Aliases Source: https://manual.nssurge.com/policy/built-in.html Use aliases to create custom names for built-in policies. This allows for more readable configurations in rules and policy groups. ```yaml [Proxy] On = direct Off = reject ``` -------------------------------- ### Override DNS Server Source: https://manual.nssurge.com/dns/dns-override.html Specify custom DNS server IP addresses to override the system's default DNS settings. This is useful for directing DNS queries to specific servers. ```ini [General] dns-server = 8.8.8.8, 8.8.4.4 ``` -------------------------------- ### Replace Header using Regex with Surge Source: https://manual.nssurge.com/http-processing/header-rewrite.html Replaces a header value using a regular expression and a template. This action is applied only if the header field exists. ```plaintext [Header Rewrite] http-request ^http://example.com header-replace-regex User-Agent Safari Chrome ``` -------------------------------- ### Reject Mode URL Rewrite Source: https://manual.nssurge.com/http-processing/url-rewrite.html Utilize Reject Mode to block requests that match the specified pattern. The replacement parameter is ignored. HTTPS requests will be rejected if MitM for the hostname is enabled. ```plaintext [URL Rewrite] ^http://ad.com/ad.png _ reject ``` -------------------------------- ### Add Header with Surge Source: https://manual.nssurge.com/http-processing/header-rewrite.html Appends a new header line to an HTTP request. This action adds the header even if the field already exists. ```plaintext [Header Rewrite] http-request ^http://example.com header-add DNT 1 ``` -------------------------------- ### Control Surge Source: https://manual.nssurge.com/scripting/common.html Allows controlling Surge's functions by calling its HTTP APIs. ```APIDOC ## Control Surge ### `$httpAPI(method, path, body, callback(result))` You may use $httpAPI to call all HTTP APIs to control Surge's functions. No authentication parameters are required. See the HTTP API section for the available abilities. ``` -------------------------------- ### HTTP Proxy Policy Definition Source: https://manual.nssurge.com/book/understanding-surge/cn Defines a basic HTTP proxy policy with username and password authentication. ProxyA is the policy name used in rules and policy groups. ```plaintext ProxyA = http, 11.22.33.44, 8080, username=user, password=pass ``` -------------------------------- ### Override Testing Timeout Source: https://manual.nssurge.com/policy/parameters.html Override the global testing timeout for proxy availability and latency tests by specifying the 'test-timeout' in seconds. ```plaintext test-timeout=10 ``` -------------------------------- ### Override Testing URL Source: https://manual.nssurge.com/policy/parameters.html Use 'test-url' to override the global testing URL for availability and latency testing of a proxy. Surge performs an HTTP HEAD request to this URL. ```plaintext test-url=http://google.com ``` -------------------------------- ### Replace Header with Surge Source: https://manual.nssurge.com/http-processing/header-rewrite.html Replaces the value of an existing header field in an HTTP request. If the header field does not exist, this action has no effect. ```plaintext [Header Rewrite] http-request ^http://example.com header-replace DNT 1 ``` -------------------------------- ### SSID Policy Group Configuration Source: https://manual.nssurge.com/book/understanding-surge/cn Configures an SSID policy group that allows selecting different proxies based on network conditions like SSID, BSSID, or router IP. iOS versions also support specifying policies for cellular data networks. ```plaintext ssid = "MyWiFi" bssid = "AA:BB:CC:DD:EE:FF" router-ip = "192.168.1.1" ``` -------------------------------- ### Modify HTTP Response Headers Source: https://manual.nssurge.com/scripting/http-response.html Add or modify headers in an HTTP response. This script demonstrates how to append a custom header to the response. ```javascript let headers = $response.headers; headers['X-Modified-By'] = 'Surge'; $done({headers}); ``` -------------------------------- ### 302 Mode URL Rewrite Source: https://manual.nssurge.com/http-processing/url-rewrite.html Employ 302 Mode to issue a 302 redirect response. This mode can redirect HTTPS requests if MitM for the hostname is enabled. ```plaintext [URL Rewrite] ^http://yachen.com https://yach.me 302 ``` -------------------------------- ### Modify HTTP Request Headers Source: https://manual.nssurge.com/scripting/http-request.html Use this script to add or modify request headers. Ensure the script correctly accesses and modifies the $request.headers object before calling $done(). ```javascript let headers = $request.headers; headers['X-Modified-By'] = 'Surge'; $done({headers}); ``` -------------------------------- ### Disable Error Alerts for Policy Source: https://manual.nssurge.com/policy/parameters.html Use the 'no-error-alert' parameter to prevent Surge from showing error alerts for a specific policy. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, no-error-alert=true ``` -------------------------------- ### Delete Header with Surge Source: https://manual.nssurge.com/http-processing/header-rewrite.html Removes a specified header line from an HTTP request. This is useful for cleaning up unwanted headers. ```plaintext [Header Rewrite] http-request ^http://example.com header-del DNT ``` -------------------------------- ### Block QUIC Traffic Source: https://manual.nssurge.com/policy/parameters.html The 'block-quic' option controls the blocking of QUIC traffic to prevent performance issues when forwarding QUIC through a proxy. Options are 'auto', 'on', or 'off'. Requires iOS 5.8.0+ or Mac 5.4.0+. ```plaintext ProxyHTTP = http, 1.2.3.4, 443, username, password, block-quic=on ``` -------------------------------- ### Header Mode URL Rewrite Source: https://manual.nssurge.com/http-processing/url-rewrite.html Use Header Mode to modify the request header and redirect the request to another host without client notification. The 'Host' field in the request header will be updated. ```plaintext [URL Rewrite] ^http://www.google.cn http://www.google.com header ``` -------------------------------- ### JQ Body Rewrite for JSON Manipulation Source: https://manual.nssurge.com/http-processing/body-rewrite.html Utilize JQ expressions to modify JSON bodies in HTTP requests or responses. This is useful for complex JSON transformations. ```plaintext http-request-jq url-pattern jq-expexpression ``` ```plaintext http-response-jq url-pattern jq-expexpression ``` ```plaintext http-response-jq ^http://httpbingo.org/anything '.headers |= with_entries(select(.key | test("^X-") | not))' ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.