Dev

[SANDRO00O]

No description provided.

[qodo-code-review]

Review Summary by Qodo

Add external browser support and improve WebView lifecycle management

✨ Enhancement 🐞 Bug fix

Walkthroughs

Description

• Add external browser detection for authentication URLs
  - Automatically open auth domains and paths in custom tabs
  - Prevent localhost URLs from being intercepted
• Improve WebView lifecycle management and thumbnail handling
  - Fix concurrent modification and double-destroy issues
  - Add safety checks for bitmap operations
• Enhance search engine configuration with custom URL support
  - Add custom search engine picker in settings
  - Refactor search engine logic into utility functions
• Fix console (Eruda) initialization and visibility behavior
  - Change default console state to disabled
  - Update console toggle labels and scripts

Diagram

flowchart LR
  A["Navigation Input"] --> B{"Should Open External?"}
  B -->|Auth URL/Domain| C["CustomTabsIntent"]
  B -->|Localhost| D["Internal WebView"]
  B -->|Regular URL| D
  E["WebView Lifecycle"] --> F["Improved Cleanup"]
  F --> G["Remove from Map"]
  F --> H["Destroy with Safety"]
  I["Search Engine"] --> J["Custom URL Support"]
  J --> K["Settings Picker"]
  L["Console"] --> M["Init/Open Scripts"]
  M --> N["Visibility Control"]

Loading

File Changes

1. app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt Enhancement, bug fix +155/-38

External browser support and WebView lifecycle improvements

• Add shouldOpenInExternalBrowser() and openUrlInCustomTab() methods to detect and open
 authentication URLs in custom tabs
• Add LOCALHOST_HOSTS, AUTH_HOSTS, and AUTH_PATH_HINTS constants for external browser
 detection
• Improve WebView lifecycle management in closeTab() with atomic removal and safe destruction
• Fix thumbnail capture with safety checks for bitmap dimensions and WebView attachment state
• Update console scripts to hide Eruda by default and add consoleOpenScript() for explicit opening
• Refactor search engine icon resolution to use new utility function
• Add cookie manager configuration with third-party cookie support
• Enhance URL navigation with localhost detection and external browser checks
• Fix snapshot creation in savePersistentTabs() to prevent concurrent modification

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt

---

2. app/src/main/java/space/karrarnazim/ConsoleFlow/PrefsManager.kt ✨ Enhancement +7/-1

Add custom search engine preference and console default

• Add searchEngineIsCustom boolean preference to track custom search engine usage
• Change default consoleEnabled from true to false
• Add duplicate import statement for androidx.core.content.edit

app/src/main/java/space/karrarnazim/ConsoleFlow/PrefsManager.kt

---

3. app/src/main/java/space/karrarnazim/ConsoleFlow/SearchEngineUtils.kt ✨ Enhancement +89/-0

New search engine utility functions and helpers

• Create new utility file with search engine helper functions
• Add SearchEngineKind enum for search engine types
• Implement isLocalhostUrl(), normalizeNavigationInput(), resolveSearchEngineKind(),
 searchEngineDisplayName(), searchEngineIconRes(), and buildSearchUrl() functions
• Support flexible search URL templates with %s, {query}, and query parameter patterns

app/src/main/java/space/karrarnazim/ConsoleFlow/SearchEngineUtils.kt

---

View more (3)

4. app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt ✨ Enhancement +152/-24

Custom search engine picker and privacy policy link

• Add custom search engine picker dialog with ListView adapter
• Implement showSearchEnginePicker() and showCustomSearchEngineDialog() methods
• Add EngineOption data class and predefined engine options list
• Update search engine display to use utility functions
• Add privacy policy link to settings menu
• Improve imports with explicit widget imports

app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt

---

5. app/src/main/res/layout/activity_settings.xml ✨ Enhancement +50/-0

Add privacy policy settings menu item

• Add new Privacy Policy settings menu item with icon and link
• Include divider between App Website and Privacy Policy sections

app/src/main/res/layout/activity_settings.xml

---

6. app/src/main/res/layout/layout_main_menu.xml ✨ Enhancement +1/-1

Update console menu label text

• Change console menu label from "Console On" to "Open Console"

app/src/main/res/layout/layout_main_menu.xml

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0) 📎 Requirement gaps (0)

1. Console visibility not persistent ✓ Resolved 🐞 Bug ≡ Correctness

Description

When prefsManager.consoleEnabled is true, applyConsoleTools() injects consoleInitScript(), but that
script explicitly hides Eruda, so the console won’t remain visible after navigation/reload despite
being “enabled”. Users must toggle off/on to make it visible again, and the menu label can become
misleading relative to actual visibility.

Code

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[R2278-2296]

Evidence

The injected init script hides Eruda even when enabled, and applyConsoleTools is executed on every
page finish, so the console will be hidden again after any navigation/reload.

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1589-1623]
app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[2276-2296]
app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[2364-2372]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
When `consoleEnabled` is true, `applyConsoleTools()` injects `consoleInitScript()`, but `consoleInitScript()` hides Eruda (`eruda.hide()` + `display='none'`). This makes the console not persist as visible across navigations even though it is enabled.

## Issue Context
- `onPageFinished()` calls `applyConsoleTools(view)` on every page load.
- Current behavior: enabled => init+hide on every load; only explicit enable action runs `consoleOpenScript()`.

## Fix Focus Areas
- app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[2276-2310]
- app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[2364-2372]

## Suggested fix
Choose one consistent model:
1) If `consoleEnabled` means "console should be visible": change `applyConsoleTools()` to call `consoleOpenScript()` (not `consoleInitScript()`) when enabled.
2) If you want "loaded but hidden by default": add a separate persisted flag for visibility (e.g., `consoleVisible`) and drive menu text + injection from that, keeping `consoleEnabled` as "inject tooling" only.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Settings link may crash 🐞 Bug ☼ Reliability

Description

SettingsActivity.openUrl() calls startActivity(Intent(ACTION_VIEW,...)) without handling
ActivityNotFoundException; the newly added Privacy Policy entry invokes it and can crash on devices
without a browser/handler.

Code

app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt[R122-124]

Evidence

The new Privacy Policy click listener calls openUrl(), and openUrl() directly starts an activity
without exception handling.

app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt[122-128]
app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt[254-256]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`openUrl()` in SettingsActivity calls `startActivity()` without a try/catch. If no app can handle the VIEW intent, Settings will crash.

## Issue Context
This PR adds another entry point (`settingPrivacyPolicy`) that uses `openUrl()`, increasing the crash surface.

## Fix Focus Areas
- app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt[122-124]
- app/src/main/java/space/karrarnazim/ConsoleFlow/SettingsActivity.kt[254-256]

## Suggested fix
Wrap `startActivity(...)` in try/catch (ActivityNotFoundException/Exception) and show a Toast (similar to `MainActivity.openUrlInCustomTab()` fallback behavior), optionally using `Intent.createChooser()`.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. New-tab toast can lie ✓ Resolved 🐞 Bug ≡ Correctness

Description

openNewTab() returns early for URLs routed to Custom Tabs, but the context-menu action always shows
"Opened in new tab" immediately after calling openNewTab(url), even though no tab is created in that
path.

Code

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[R1278-1281]

Evidence

The early return in openNewTab prevents tab creation, while the context-menu unconditionally shows
the toast right after calling openNewTab(url).

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1277-1281]
app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1537-1545]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
For URLs that `shouldOpenInExternalBrowser(url)` returns true, `openNewTab(url)` opens a Custom Tab and returns without creating a tab. The context-menu handler still shows a success toast saying the URL opened in a new tab.

## Issue Context
This is user-visible and misleading; it also makes debugging tab behaviors harder.

## Fix Focus Areas
- app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1277-1281]
- app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1537-1545]

## Suggested fix
- Make `openNewTab()` return a boolean (createdTab=true/false) and only show the toast when true.
- Or, if external URLs should still create a placeholder tab, mirror `createNewGroup()` behavior (open HOME_URL tab + open custom tab) and update the toast message accordingly.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

View more (1)

4. Third-party cookies forced on ✓ Resolved 🐞 Bug ⛨ Security

Description

createNewWebView() now unconditionally enables third‑party cookies via
CookieManager.setAcceptThirdPartyCookies(wv, true), increasing cross-site tracking and cookie
leakage risk across all sites loaded in the in-app WebView.

Code

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[R1528-1532]

Evidence

The WebView setup explicitly sets third-party cookie acceptance to true for Lollipop+ devices,
affecting all subsequent browsing in that WebView.

app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1528-1532]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`createNewWebView()` explicitly enables third-party cookies for every WebView. This is a significant privacy/security behavior change.

## Issue Context
The app injects JS and intercepts HTML responses; enabling third-party cookies increases tracking surface and may violate expected privacy defaults.

## Fix Focus Areas
- app/src/main/java/space/karrarnazim/ConsoleFlow/MainActivity.kt[1528-1532]

## Suggested fix
- Default `setAcceptThirdPartyCookies(wv, false)` and add a user preference to opt-in.
- Alternatively, enable third-party cookies only for specific hosts where required, and keep it disabled elsewhere.
- If intentional for the product, document it clearly and surface a setting in UI.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---