Straw phase F: visible polish — RYD, HTML, intent filter, network sec

Four polish items, all visible: 1. Fixed RYD URL: was returnyoutubedislike.com (the website, 404s on /votes) → returnyoutubedislikeapi.com (the actual API). 2. Bundled Sectigo "Public Server Authentication CA DV R36" intermediate as an additional trust anchor (network_security_config.xml) for the .com web host — the API uses Google Trust Services already so this is defensive, in case we ever fetch the landing page. 3. Added intent-filter for YouTube URLs (VIEW + SEND) on StrawActivity. Single-task launchMode; pickYouTubeUrl() routes the initial Intent to Screen.VideoDetail(url) instead of Home. 4. stripHtml() utility removes <br>, </p>, and other tags from NewPipeExtractor's description. Chapter timestamps now render readably; raw HTML gone. Also added Log.d to SponsorBlockClient and RydClient for visible verification (StrawSb / StrawRyd tags). PlayerScreen now shows a "SB: N segments" overlay chip in the top-left so the user can see that SponsorBlock is armed. Verified on Android 14 emulator with "Me at the zoo" intent: - RYD: 👍 18.9M / 👎 424.2K renders - Intent: direct URL → VideoDetail (no Home pass-through) - HTML: chapter timestamps render clean
2026-05-23 19:40:08 -07:00 · 2026-05-23 19:40:08 -07:00 · f3b78b4530
commit f3b78b4530
parent 496ed30bda
9 changed files with 215 additions and 29 deletions
--- a/strawApp/src/main/res/xml/network_security_config.xml
+++ b/strawApp/src/main/res/xml/network_security_config.xml
@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  SPDX-FileCopyrightText: 2026 Sulkta-Coop
+  SPDX-License-Identifier: GPL-3.0-or-later
+
+  Returnyoutubedislike.com serves a leaf cert without including the
+  Sectigo "Public Server Authentication CA DV R36" intermediate.
+  Android's system trust store has the USERTrust root but not the
+  intermediate, so chain reconstruction fails. We bundle the intermediate
+  as an additional trust anchor scoped to that domain.
+-->
+<network-security-config>
+    <base-config cleartextTrafficPermitted="false">
+        <trust-anchors>
+            <certificates src="system" />
+        </trust-anchors>
+    </base-config>
+    <domain-config>
+        <domain includeSubdomains="true">returnyoutubedislike.com</domain>
+        <domain includeSubdomains="true">returnyoutubedislikeapi.com</domain>
+        <trust-anchors>
+            <certificates src="system" />
+            <certificates src="@raw/sectigo_dv_r36" />
+        </trust-anchors>
+    </domain-config>
+</network-security-config>