Remove allowInsecure

Remove the deprecated `allowInsecure`

sub/subJsonService.go

@@ -253,9 +253,6 @@ func (s *SubJsonService) tlsData(tData map[string]any) map[string]any {
 
 	tlsData["serverName"] = tData["serverName"]
 	tlsData["alpn"] = tData["alpn"]
-	if allowInsecure, ok := tlsClientSettings["allowInsecure"].(bool); ok {
-		tlsData["allowInsecure"] = allowInsecure
-	}
 	if fingerprint, ok := tlsClientSettings["fingerprint"].(string); ok {
 		tlsData["fingerprint"] = fingerprint
 	}

sub/subService.go

@@ -270,9 +270,6 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 			if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
 				obj["fp"], _ = fpValue.(string)
 			}
-			if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
-				obj["allowInsecure"], _ = insecure.(bool)
-			}
 		}
 	}
 
@@ -296,7 +293,7 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
 			newSecurity, _ := ep["forceTls"].(string)
 			newObj := map[string]any{}
 			for key, value := range obj {
-				if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp" || key == "allowInsecure")) {
+				if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp")) {
 					newObj[key] = value
 				}
 			}
@@ -431,11 +428,6 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 			if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
 				params["fp"], _ = fpValue.(string)
 			}
-			if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
-				if insecure.(bool) {
-					params["allowInsecure"] = "1"
-				}
-			}
 		}
 
 		if streamNetwork == "tcp" && len(clients[clientIndex].Flow) > 0 {
@@ -501,7 +493,7 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
 			q := url.Query()
 
 			for k, v := range params {
-				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
 					q.Add(k, v)
 				}
 			}
@@ -632,11 +624,6 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 			if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
 				params["fp"], _ = fpValue.(string)
 			}
-			if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
-				if insecure.(bool) {
-					params["allowInsecure"] = "1"
-				}
-			}
 		}
 	}
 
@@ -698,7 +685,7 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
 			q := url.Query()
 
 			for k, v := range params {
-				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
 					q.Add(k, v)
 				}
 			}
@@ -837,11 +824,6 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
 			if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
 				params["fp"], _ = fpValue.(string)
 			}
-			if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
-				if insecure.(bool) {
-					params["allowInsecure"] = "1"
-				}
-			}
 		}
 	}
 
@@ -870,7 +852,7 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
 			q := url.Query()
 
 			for k, v := range params {
-				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+				if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
 					q.Add(k, v)
 				}
 			}

web/assets/js/model/inbound.js

@@ -635,7 +635,7 @@ class TlsStreamSettings extends XrayCommonClass {
         }
 
         if (!ObjectUtil.isEmpty(json.settings)) {
-            settings = new TlsStreamSettings.Settings(json.settings.allowInsecure, json.settings.fingerprint, json.settings.echConfigList);
+            settings = new TlsStreamSettings.Settings(json.settings.fingerprint, json.settings.echConfigList);
         }
         return new TlsStreamSettings(
             json.serverName,
@@ -738,25 +738,21 @@ TlsStreamSettings.Cert = class extends XrayCommonClass {
 
 TlsStreamSettings.Settings = class extends XrayCommonClass {
     constructor(
-        allowInsecure = false,
         fingerprint = UTLS_FINGERPRINT.UTLS_CHROME,
         echConfigList = '',
     ) {
         super();
-        this.allowInsecure = allowInsecure;
         this.fingerprint = fingerprint;
         this.echConfigList = echConfigList;
     }
     static fromJson(json = {}) {
         return new TlsStreamSettings.Settings(
-            json.allowInsecure,
             json.fingerprint,
             json.echConfigList,
         );
     }
     toJson() {
         return {
-            allowInsecure: this.allowInsecure,
             fingerprint: this.fingerprint,
             echConfigList: this.echConfigList
         };
@@ -1417,9 +1413,6 @@ class Inbound extends XrayCommonClass {
             if (this.stream.tls.alpn.length > 0) {
                 obj.alpn = this.stream.tls.alpn.join(',');
             }
-            if (this.stream.tls.settings.allowInsecure) {
-                obj.allowInsecure = this.stream.tls.settings.allowInsecure;
-            }
         }
 
         return 'vmess://' + Base64.encode(JSON.stringify(obj, null, 2));
@@ -1480,9 +1473,6 @@ class Inbound extends XrayCommonClass {
             if (this.stream.isTls) {
                 params.set("fp", this.stream.tls.settings.fingerprint);
                 params.set("alpn", this.stream.tls.alpn);
-                if (this.stream.tls.settings.allowInsecure) {
-                    params.set("allowInsecure", "1");
-                }
                 if (!ObjectUtil.isEmpty(this.stream.tls.sni)) {
                     params.set("sni", this.stream.tls.sni);
                 }
@@ -1583,9 +1573,6 @@ class Inbound extends XrayCommonClass {
             if (this.stream.isTls) {
                 params.set("fp", this.stream.tls.settings.fingerprint);
                 params.set("alpn", this.stream.tls.alpn);
-                if (this.stream.tls.settings.allowInsecure) {
-                    params.set("allowInsecure", "1");
-                }
                 if (this.stream.tls.settings.echConfigList?.length > 0) {
                     params.set("ech", this.stream.tls.settings.echConfigList);
                 }
@@ -1662,9 +1649,6 @@ class Inbound extends XrayCommonClass {
             if (this.stream.isTls) {
                 params.set("fp", this.stream.tls.settings.fingerprint);
                 params.set("alpn", this.stream.tls.alpn);
-                if (this.stream.tls.settings.allowInsecure) {
-                    params.set("allowInsecure", "1");
-                }
                 if (this.stream.tls.settings.echConfigList?.length > 0) {
                     params.set("ech", this.stream.tls.settings.echConfigList);
                 }

web/assets/js/model/outbound.js

@@ -345,16 +345,14 @@ class TlsStreamSettings extends CommonClass {
         serverName = '',
         alpn = [],
         fingerprint = '',
-        allowInsecure = false,
         echConfigList = '',
-        verifyPeerCertByName = 'cloudflare-dns.com',
+        verifyPeerCertByName = '',
         pinnedPeerCertSha256 = '',
     ) {
         super();
         this.serverName = serverName;
         this.alpn = alpn;
         this.fingerprint = fingerprint;
-        this.allowInsecure = allowInsecure;
         this.echConfigList = echConfigList;
         this.verifyPeerCertByName = verifyPeerCertByName;
         this.pinnedPeerCertSha256 = pinnedPeerCertSha256;
@@ -365,7 +363,6 @@ class TlsStreamSettings extends CommonClass {
             json.serverName,
             json.alpn,
             json.fingerprint,
-            json.allowInsecure,
             json.echConfigList,
             json.verifyPeerCertByName,
             json.pinnedPeerCertSha256,
@@ -377,7 +374,6 @@ class TlsStreamSettings extends CommonClass {
             serverName: this.serverName,
             alpn: this.alpn,
             fingerprint: this.fingerprint,
-            allowInsecure: this.allowInsecure,
             echConfigList: this.echConfigList,
             verifyPeerCertByName: this.verifyPeerCertByName,
             pinnedPeerCertSha256: this.pinnedPeerCertSha256
@@ -936,8 +932,7 @@ class Outbound extends CommonClass {
             stream.tls = new TlsStreamSettings(
                 json.sni,
                 json.alpn ? json.alpn.split(',') : [],
-                json.fp,
-                json.allowInsecure);
+                json.fp);
         }
 
         const port = json.port * 1;
@@ -978,10 +973,9 @@ class Outbound extends CommonClass {
         if (security == 'tls') {
             let fp = url.searchParams.get('fp') ?? 'none';
             let alpn = url.searchParams.get('alpn');
-            let allowInsecure = url.searchParams.get('allowInsecure');
             let sni = url.searchParams.get('sni') ?? '';
             let ech = url.searchParams.get('ech') ?? '';
-            stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, allowInsecure == 1, ech);
+            stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, ech);
         }
 
         if (security == 'reality') {

web/html/form/outbound.html

@@ -700,14 +700,12 @@
           <a-form-item label="ECH Config List">
             <a-input v-model.trim="outbound.stream.tls.echConfigList"></a-input>
           </a-form-item>
-          <a-form-item label="Allow Insecure">
-            <a-switch v-model="outbound.stream.tls.allowInsecure"></a-switch>
-          </a-form-item>
           <a-form-item label="verify Peer Cert By Name">
             <a-input
-              v-model.trim="outbound.stream.tls.verifyPeerCertByName"></a-input>
+              v-model.trim="outbound.stream.tls.verifyPeerCertByName"
+              placeholder="cloudflare-dns.com"></a-input>
           </a-form-item>
-          <a-form-item label="pinned Peer Cert Sha256">
+          <a-form-item label=" pinned Peer Cert Sha256">
             <a-input v-model.trim="outbound.stream.tls.pinnedPeerCertSha256"
               placeholder="Enter SHA256 fingerprints (base64)">
             </a-input>
@@ -772,7 +770,8 @@
           <a-switch v-model="outbound.stream.sockopt.tcpFastOpen"></a-switch>
         </a-form-item>
         <a-form-item label="Multipath TCP">
-          <a-switch v-model.trim="outbound.stream.sockopt.tcpMptcp"></a-switch>
+          <a-switch
+            v-model.trim="outbound.stream.sockopt.tcpMptcp"></a-switch>
         </a-form-item>
         <a-form-item label="Penetrate">
           <a-switch v-model="outbound.stream.sockopt.penetrate"></a-switch>
@@ -799,7 +798,8 @@
         </a-form-item>
         <template v-if="outbound.mux.enabled">
           <a-form-item label="Concurrency">
-            <a-input-number v-model.number="outbound.mux.concurrency" :min="-1"
+            <a-input-number v-model.number="outbound.mux.concurrency"
+              :min="-1"
               :max="1024"></a-input-number>
           </a-form-item>
           <a-form-item label="xudp Concurrency">

web/html/form/tls_settings.html

@@ -58,9 +58,6 @@
           ]]</a-select-option>
       </a-select>
     </a-form-item>
-    <a-form-item label="Allow Insecure">
-      <a-switch v-model="inbound.stream.tls.settings.allowInsecure"></a-switch>
-    </a-form-item>
     <a-form-item label="Reject Unknown SNI">
       <a-switch v-model="inbound.stream.tls.rejectUnknownSni"></a-switch>
     </a-form-item>