SIP002 URI scheme
SIP002 purposed a new URI scheme, following RFC3986:
SS-URI = "ss://" userinfo "@" hostname ":" port [ "/" ] [ "?" plugin ] [ "#" tag ] userinfo = websafe-base64-encode-utf8(method ":" password) method ":" password
Note that encoding
userinfo with Base64URL is recommended but optional for Stream and AEAD (SIP004). But for AEAD-2022 (SIP022),
userinfo MUST NOT be encoded with Base64URL. When
userinfo is not encoded,
password MUST be percent encoded.
/ should be appended if plugin is present, but is optional if only tag is present. Example:
ss://[email protected]:8888/?plugin=url-encoded-plugin-argument-value&unsupported-arguments=should-be-ignored#Dummy+profile+name. This kind of URIs can be parsed by standard libraries provided by most languages.
For plugin argument, we use the similar format as
TOR_PT_SERVER_TRANSPORT_OPTIONS, which have the format like
simple-obfs;obfs=http;obfs-host=example.com where colons, semicolons, equal signs and backslashes MUST be escaped with a backslash.
With user info encoded with Base64URL:
Plain user info:
Q1: Why parse user info to Base64URL?
A1: To safely encode all the characters in the key string. Note that we never try to "encrypt" your key in the URI.
Q2: Why not parse host name and port number into Base64URL?
A2: As mentioned above, we never try to "encrypt" anything in the URI. Additional parsing of host name and port number is not necessary.
Q3: Why not every client supports SIP002 URI scheme?
A3: Currently, SIP002 is still an optional feature unless the client supports SIP003 plugin.
Q4: Why the tags with space is truncated?
A4: White space is not legal in URI. It should be escaped. For example,
ss://...#shadowsocks server 1 (illegal URI) should be escaped into
ss://...#shadowsocks%20server%201 (legal URI).