Updates for shadowban.

Unicode characters weren't getting loaded correctly for some reason, either literally or via escape sequences. Change to specifying a class name which has a compile-coded list of shadowbanned strings. This prevents changing on the fly, but at least it works for now until a proper database can be implemented.
Update the privacy policy about chat logging due to shadowbans.

.gitignore

@@ -2,3 +2,4 @@ build
 build.properties
 target
 ssl/
+src/main/java/net/socialgamer/cah/util/RealShadowBannedStringProvider.java

WebContent/privacy.html

@@ -12,9 +12,18 @@
 <a href="//pretendyoure.xyz/zy">pretendyoure.xzy/zy domain</a>. Other servers may have other logging
 policies.</p>
 <h1>Temporary logs</h1>
+<p>There are two kinds of temporary logs.</p>
+<h2>Server monitoring logs</h2>
 <p>Logs which contain your chosen user name and IP address (and, on rare occasion, things you say in
 chat) are collected and kept for a period of a few weeks, to assist with monitoring the server.
-These logs are never shared with anybody.</p>
+These logs are not willingly shared with third parties, and to date have not been shared with third
+parties.</p>
+<h2>Automatic moderation logs</h2>
+<p>If the automatic moderating software takes action against you, your user name, IP address, and
+the chat message that triggered said action are logged. These logs are retained for approximately
+one month for evaluating the performance of the automatic moderation. These logs are not willingly
+shared with third parties, and to date have not been shared with third parties. <strong>You may not
+be informed that the automatic moderating software has taken action against you.</strong></p>
 <h1>Permanent logs</h1>
 <p>Game play details are kept on a permanent basis, to analyze which cards are the most and least
 popular. The data in these logs may be made publicly available once an interface is completed, and
@@ -35,8 +44,8 @@ tracked between multiple sessions.</p>
   <li>Information about your device including its operating system (Windows, Android, etc.) and type
   (phone, tablet, PC, etc.).</li>
 </ul>
-<p><strong>At no point is your IP address, chosen user name, or chat logged permanently or shared
-with anyone for any purpose. Fill-in-the-blank card text is, however, logged.</strong></p>
+<p><strong>At no point is your IP address, chosen user name, or chat shared with anyone for any
+purpose. Fill-in-the-blank card text is, however, logged and shared.</strong></p>
 <h1>Google Analytics</h1>
 <p>Yeah, who doesn't use that these days? I honestly don't look at it very often. It's cool to see
 where people are getting linked to this from. You can block it if you really want to, but I'd prefer

build.properties.example

@@ -11,9 +11,13 @@ pyx.id_code_salt=
 # comma-separated listed of IP addresses (v4 or v6) from which users are considered admins.
 pyx.admin_addrs=127.0.0.1,::1
 
-# comma-separated list of strings that will cause a chat message to get silently dropped without
-# notifying the user. does not currently permanently shadowban the user, but maybe it should...
-pyx.shadowban_strings=
+# The name of a class that implements net.socialgamer.cah.util.ChatFilter.ShadowBannedStringProvider
+# which will then be called to get the shadowbanned strings.
+# Ideally we'd just have the list of strings here, but providing unicode characters directly gets
+# mangled during the build process, and for some reason unicode escapes were not being loaded
+# properly at runtime.
+# If this is blank, it is ignored and no strings will cause such filtering to occur.
+pyx.shadowban_strings_provider=
 # Settings for global chat protection. Some of these do not apply to game chats.
 # Ratio of 'basic' characters to length of message. Basic characters are defined by
 # Character.isJavaIdentifierPart, which stipulates:

src/main/filtered-resources/WEB-INF/pyx.properties

@@ -6,7 +6,8 @@ pyx.server.broadcast_connects_and_disconnects=${pyx.broadcast_connects_and_disco
 pyx.server.global_chat_enabled=${pyx.global_chat_enabled}
 pyx.server.id_code_salt=${pyx.id_code_salt}
 pyx.server.admin_addrs=${pyx.admin_addrs}
-pyx.chat.shadowban_strings=${pyx.shadowban_strings}
+# changing this at runtime has no effect
+pyx.chat.shadowban_strings_provider=${pyx.shadowban_strings_provider}
 pyx.chat.global.flood_count=${pyx.global.flood_count}
 pyx.chat.global.flood_time=${pyx.global.flood_time}
 pyx.chat.global.basic_ratio=${pyx.global.basic_ratio}

src/main/java/net/socialgamer/cah/util/ChatFilter.java

@@ -36,7 +36,6 @@ import java.util.regex.Pattern;
 
 import org.apache.log4j.Logger;
 
-import com.google.common.collect.ImmutableSet;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import com.google.inject.Singleton;
@@ -60,7 +59,8 @@ public class ChatFilter {
   private static final int DEFAULT_SPACES_REQUIRED = 3;
   private static final int DEFAULT_CAPSLOCK_MIN_MSG_LENGTH = 50;
   private static final double DEFAULT_CAPSLOCK_RATIO = .5;
-  private static final String DEFAULT_SHADOWBAN_CHARACTERS = "";
+  public static final String DEFAULT_SHADOWBAN_PROVIDER = DefaultShadowBannedStringsProvider.class
+      .getCanonicalName();
 
   public static final Pattern SIMPLE_MESSAGE_PATTERN = Pattern
       .compile("^[a-zA-Z0-9 _\\-=+*()\\[\\]\\\\/|,.!:'\"`~#]+$");
@@ -189,8 +189,17 @@ public class ChatFilter {
   }
 
   private Set<String> getShadowbanCharacters() {
-    return ImmutableSet.copyOf(getPropValue("pyx.chat.shadowban_strings",
-        DEFAULT_SHADOWBAN_CHARACTERS).split(","));
+    try {
+      return ((ShadowBannedStringProvider) Class
+          .forName(getPropValue("pyx.chat.shadowban_strings_provider",
+          DEFAULT_SHADOWBAN_PROVIDER)).newInstance()).getShadowBannedStrings();
+    } catch (final InstantiationException | IllegalAccessException | ClassNotFoundException
+        | ClassCastException e) {
+      LOG.error(String.format("Unable to load shadowban string provider %s, using empty set.",
+          getPropValue("pyx.chat.shadowban_strings_provider", DEFAULT_SHADOWBAN_PROVIDER)),
+          e);
+      return Collections.emptySet();
+    }
   }
 
   private String getPropValue(final String name, final String defaultValue) {

src/main/java/net/socialgamer/cah/util/DefaultShadowBannedStringsProvider.java

@@ -0,0 +1,35 @@
+/**
+ * Copyright (c) 2018, Andy Janata
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice, this list of conditions
+ *   and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice, this list of
+ *   conditions and the following disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
+ * WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package net.socialgamer.cah.util;
+
+import java.util.Collections;
+import java.util.Set;
+
+public class DefaultShadowBannedStringsProvider implements ShadowBannedStringProvider {
+
+  @Override
+  public Set<String> getShadowBannedStrings() {
+    return Collections.emptySet();
+  }
+}

src/main/java/net/socialgamer/cah/util/ShadowBannedStringProvider.java

@@ -0,0 +1,34 @@
+/**
+ * Copyright (c) 2018, Andy Janata
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice, this list of conditions
+ *   and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice, this list of
+ *   conditions and the following disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
+ * WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package net.socialgamer.cah.util;
+
+import java.util.Set;
+
+public interface ShadowBannedStringProvider {
+  /**
+   * A message that contains any string in this set should be silently dropped: not forwarded to any
+   * other user nor inform the originating user that the message was dropped.
+   */
+  Set<String> getShadowBannedStrings();
+}