refactor: Strip all massive literature block comments from CSGuard code

Author: errorcodeQQ

CSGuard/src/main/kotlin/com/csguard/AdBlockList.kt

@@ -1,51 +1,28 @@
 package com.csguard
 
-/**
- * Known ad-network / popunder domains used by malicious CloudStream extensions.
- *
- * This list is seeded from a real-world analysis of
- * malicious extensions, where the constant
- *
- *     OMG10 = "aHR0cHM6Ly9vbWcxMC5jb20vNC8xMTEwNDQ4OQ=="
- *
- * base64-decodes to `https://omg10.com/4/11104489` — an OMG/PropellerAds-style
- * popunder ad-network URL fired via raw `Intent.ACTION_VIEW` from inside
- * `MainAPI.loadLinks()` on every Play tap.
- *
- * The list is intentionally broad: extensions like this rotate ad networks, so
- * we block by category rather than just by the single observed domain.
- */
 object AdBlockList {
 
-    // ---- Hard-blocked hosts (known ad networks / popunders / redirectors) ----
     val BLOCKED_HOSTS: Set<String> = setOf(
-        // Observed in CNCVerse repo
+
         "omg10.com",
         "omg1.com", "omg2.com", "omg3.com", "omg4.com", "omg5.com",
         "omg6.com", "omg7.com", "omg8.com", "omg9.com",
 
-        // PropellerAds / Monetag family
         "propellerads.com", "propeller-tracking.com",
         "monetag.com", "monetag-handhub.com",
 
-        // Adsterra
         "adsterra.com", "adsterra.network", "prohitshere.com",
 
-        // HilltopAds
         "hilltopads.com", "hilltopads.net", "hilltopads-delivery.com",
 
-        // PopAds / PopCash
         "popads.net", "popcash.net", "popmyads.com",
 
-        // Ad-Maven / Maven
         "ad-maven.com", "a-mo.net", "mvn.link",
 
-        // Shortcutters commonly used by ad-redirect layers
         "bit.ly", "t.ly", "cutt.ly", "shorturl.at", "tinyurl.com",
         "shrtco.de", "soo.gd", "s.id", "is.gd", "v.gd",
         "linkvertise.com", "linkvertise.net",
 
-        // Generic popunder / malvertising CDNs
         "onclickperformance.com", "onclickprediction.com",
         "onclickscript.com", "highperformanceformat.com",
         "pushmonetization.com", "realtimepush.com",
@@ -56,38 +33,24 @@ object AdBlockList {
         "trackings.selfpublishing.com",
         "xl-trail.com", "trail_trk.com",
 
-        // Suspicious TLD patterns commonly abused
-        // (will be matched more carefully in code — see isBlocked())
-    )
+)
+
+val SAFE_HOSTS: Set<String> = setOf(
 
-    // ---- Hosts that are explicitly ALLOWED to open externally ----
-    //
-    // CloudStream itself opens these for repo install / legal / community
-    // purposes, and they are user-initiated actions — not silent ad redirects.
-    val SAFE_HOSTS: Set<String> = setOf(
-        // CloudStream infra
         "cs.repo", "cloudstream.on.fleek.co",
         "recloudstream.github.io", "github.com", "raw.githubusercontent.com",
 
-        // Self-promo (user-initiated, in the form of a dialog with a button)
         "t.me", "telegram.me",
 
-        // Common legitimate support sites
         "discord.com", "discord.gg", "patreon.com", "ko-fi.com",
         "buymeacoffee.com",
 
-        // Search/lookup that user might legitimately want
         "www.google.com", "duckduckgo.com",
 
-        // Wikipedia / IMDB for metadata
         "wikipedia.org", "imdb.com"
     )
 
-    // ---- URL patterns that are NEVER media stream URLs ----
-    //
-    // If an ExtractorLink or PlayInBrowser target matches one of these
-    // patterns, it's almost certainly an ad/redirect, not a real video.
-    val NON_MEDIA_PATH_PATTERNS: List<Regex> = listOf(
+val NON_MEDIA_PATH_PATTERNS: List<Regex> = listOf(
         Regex("/\\d+/(\\d{6,})"),         // /4/11104489 style ad zone IDs
         Regex("/(popunder|popunderinit)"),
         Regex("/(redirect|go|visit|jump)/[a-zA-Z0-9]+"),
@@ -96,54 +59,36 @@ object AdBlockList {
         Regex("/aff(_)?id=")
     )
 
-    /**
-     * Returns true if the host (or any of its parent domains) is on the
-     * hard-block list.
-     */
-    fun isHostBlocked(host: String?): Boolean {
+        fun isHostBlocked(host: String?): Boolean {
         if (host.isNullOrBlank()) return false
         val h = host.lowercase().trim()
-        // exact match
+
         if (h in BLOCKED_HOSTS) return true
-        // suffix match (handles subdomains like ads.omg10.com)
+
         for (blocked in BLOCKED_HOSTS) {
             if (h == blocked || h.endsWith(".$blocked")) return true
         }
         return false
     }
 
-    /**
-     * Returns true if the host is explicitly allowed to open externally.
-     *
-     * Combines three sources:
-     *   1. [SAFE_HOSTS] — static baseline of CloudStream-essential hosts
-     *   2. [AllowlistStore.alwaysAllow] — persistent user-approved hosts
-     *   3. [AllowlistStore] session allow-once — process-scoped one-shot approvals
-     *
-     * Always called from the [GuardPolicy.shouldBlock] hot path, so it must be fast.
-     */
-    fun isHostSafe(host: String?): Boolean {
+        fun isHostSafe(host: String?): Boolean {
         if (host.isNullOrBlank()) return false
         val h = host.lowercase().trim()
-        // 1. Static baseline
+
         if (h in SAFE_HOSTS) return true
         for (safe in SAFE_HOSTS) {
             if (h == safe || h.endsWith(".$safe")) return true
         }
-        // 2 & 3. User-managed allowlist (persistent + session)
+
         return try {
             AllowlistStore.isAllowed(h)
         } catch (_: Throwable) {
-            // AllowlistStore not initialized yet — be safe, fall back to baseline
+
             false
         }
     }
 
-    /**
-     * Heuristic: does the URL path look like an ad-redirect path
-     * rather than a real media file?
-     */
-    fun looksLikeAdPath(url: String?): Boolean {
+        fun looksLikeAdPath(url: String?): Boolean {
         if (url.isNullOrBlank()) return false
         return NON_MEDIA_PATH_PATTERNS.any { it.containsMatchIn(url) }
     }

CSGuard/src/main/kotlin/com/csguard/AllowlistStore.kt

@@ -6,23 +6,6 @@ import android.util.Log
 import org.json.JSONArray
 import org.json.JSONObject
 
-/**
- * Persistent, user-managed allowlist of hosts that CSGuard will NOT block,
- * even in STRICT mode.
- *
- * Backed by SharedPreferences so it survives plugin reloads and app restarts.
- *
- * Two scopes:
- *   - **Always-allow** hosts: persisted across all future sessions.
- *   - **Allow-once** hosts: kept only for the current process; cleared on
- *     plugin reload. Useful for one-off approvals without permanently
- *     whitelisting a host.
- *
- * Combined with the static [AdBlockList.SAFE_HOSTS] (the built-in baseline
- * of CloudStream-essential hosts), the effective allowlist at any moment is:
- *
- *     SAFE_HOSTS ∪ alwaysAllowHosts ∪ sessionAllowOnceHosts
- */
 object AllowlistStore {
 
     private const val TAG = "CSGuard"
@@ -34,7 +17,6 @@ object AllowlistStore {
 
     @Volatile private var prefs: SharedPreferences? = null
 
-    // In-memory session-only allow-once set (process-scoped, not persisted)
     private val sessionAllowOnce = java.util.Collections.synchronizedSet(HashSet<String>())
 
     fun init(context: Context) {
@@ -43,9 +25,7 @@ object AllowlistStore {
         Log.i(TAG, "AllowlistStore initialized — alwaysAllow=${alwaysAllow().size} hosts")
     }
 
-    // ───────────────────── Always-allow (persistent) ─────────────────────
-
-    fun alwaysAllow(): Set<String> {
+fun alwaysAllow(): Set<String> {
         val raw = prefs?.getString(KEY_ALWAYS, "[]") ?: "[]"
         return try {
             val arr = JSONArray(raw)
@@ -72,9 +52,7 @@ object AllowlistStore {
         return true
     }
 
-    // ───────────────────── Blocked Providers (Per-Provider Blocklist) ─────────────────────
-
-    fun blockedProviders(): Set<String> {
+fun blockedProviders(): Set<String> {
         val raw = prefs?.getString(KEY_BLOCKED_PROVIDERS, "[]") ?: "[]"
         return try {
             val arr = JSONArray(raw)
@@ -101,9 +79,7 @@ object AllowlistStore {
         return true
     }
 
-    // ───────────────────── Allow-once (session-only) ─────────────────────
-
-    fun allowOnce(host: String) {
+fun allowOnce(host: String) {
         sessionAllowOnce.add(host.lowercase().trim())
         Log.i(TAG, "AllowlistStore: allow-once (session) → $host")
     }
@@ -112,24 +88,20 @@ object AllowlistStore {
         sessionAllowOnce.clear()
     }
 
-    // ───────────────────── Effective allowlist check ─────────────────────
-
-    fun isAllowed(host: String?): Boolean {
+fun isAllowed(host: String?): Boolean {
         if (host.isNullOrBlank()) return false
         val h = host.lowercase().trim()
         if (h in sessionAllowOnce) return true
         val always = alwaysAllow()
         if (h in always) return true
-        // suffix match for subdomains
+
         for (allowed in always) {
             if (h.endsWith(".$allowed")) return true
         }
         return false
     }
 
-    // ───────────────────── Blocked log (for review) ─────────────────────
-
-    data class BlockedEntry(
+data class BlockedEntry(
         val url: String,
         val caller: String,
         val timestamp: Long
@@ -153,7 +125,7 @@ object AllowlistStore {
     fun recordBlocked(url: String, caller: String) {
         val current = blockedLog().toMutableList()
         current.add(0, BlockedEntry(url, caller, System.currentTimeMillis()))
-        // Trim to MAX_BLOCKED_LOG, keep most recent
+
         val trimmed = current.take(MAX_BLOCKED_LOG)
         val arr = JSONArray()
         for (entry in trimmed) {

CSGuard/src/main/kotlin/com/csguard/BlockedLog.kt

@@ -1,19 +1,12 @@
 package com.csguard
 
-/**
- * Thin shim around [AllowlistStore.recordBlocked] so that the
- * [InstrumentationHook] can record blocks without caring about persistence.
- *
- * Kept as a separate object for clarity and to make it easy to swap in a
- * different sink (file logger, remote logger, etc.) later.
- */
 object BlockedLog {
     @JvmStatic
     fun record(url: String, caller: String) {
         try {
             AllowlistStore.recordBlocked(url, caller)
         } catch (_: Throwable) {
-            // Persistence must never break the block path
+
         }
     }