package com.contrastsecurity.agent.plugins.rasp.rules.b;

import com.contrastsecurity.agent.commons.o;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.C;
import com.contrastsecurity.agent.plugins.rasp.EnumC0163y;
import com.contrastsecurity.agent.plugins.rasp.Y;
import com.contrastsecurity.agent.plugins.rasp.aa;
import com.contrastsecurity.agent.plugins.rasp.am;
import com.contrastsecurity.agent.plugins.rasp.rules.h;
import com.contrastsecurity.agent.util.E;
import com.contrastsecurity.thirdparty.com.rabbitmq.client.ConnectionFactoryConfigurator;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.math.NumberUtils;
import com.contrastsecurity.thirdparty.org.apache.http.HttpHeaders;
import com.contrastsecurity.thirdparty.org.apache.http.HttpHost;
import com.contrastsecurity.thirdparty.org.apache.http.entity.ContentType;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

/* compiled from: MalformedHeaderRule.java */
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/rasp/rules/b/c.class */
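/**
 * Header-shape rule with the id {@code "malformed-header"} (decompiled; member names are
 * obfuscated).
 *
 * <p>The rule applies only to {@link UserInputDTM.InputType#HEADER} inputs. For each header it
 * collects zero or more reason tags ({@code TOO_LARGE}, {@code OBFUSCATED}, {@code MALFORMED},
 * {@code NONNUMERIC}, {@code NEGATIVE}) and, when at least one tag was collected, returns a
 * {@link C} built with {@link EnumC0163y#MATCHED_ATTACK_SIGNATURE} and the tag set.
 *
 * <p>Checks performed in this class:
 * <ul>
 *   <li>a per-header maximum value length for a fixed list of header names;</li>
 *   <li>{@code Content-Type}: the value must equal its companion string (ignoring case) and
 *       must be accepted by {@link ContentType#parse(String)};</li>
 *   <li>{@code Content-Length}: a flag test on the {@code int} argument, then a sign test;</li>
 *   <li>{@code Referer} / {@code Origin}: scheme and URL-shape tests.</li>
 * </ul>
 */
public final class c extends Y<Object> implements h<Object> {
    /** Rule identifier string. */
    public static final String b = "malformed-header";

    /** Typed rule id derived from {@link #b}. */
    private final aa<Object> c = aa.a(b, Object.class);

    // Reason tags placed into the result set handed to C.
    private static final String d = "NONNUMERIC";
    private static final String e = "NEGATIVE";
    private static final String f = "OBFUSCATED";
    private static final String g = "MALFORMED";
    private static final String h = "TOO_LARGE";

    /**
     * Lower-case header name -> maximum accepted value length (compared against
     * {@code String.length()}). A longer value is tagged {@code TOO_LARGE}.
     * {@code ConnectionFactoryConfigurator.HOST} is a constant the decompiler substituted for a
     * literal; its value is {@code "host"}.
     */
    private static final Map<String, Integer> i = Collections.unmodifiableMap(new E().a("accept", 256).a("content-type", 84).a("accept-encoding", 84).a("accept-language", 64).a("content-length", 16).a("user-agent", 512).a("origin", 290).a(ConnectionFactoryConfigurator.HOST, 290).a());

    /** Matches a value that begins with ASCII letters followed by {@code ":/"}. */
    private static final Pattern j = Pattern.compile("^[a-zA-Z]+:/.*");

    /** Scheme prefixes that are not reported by {@link #a(String)}. */
    private static final Set<String> k = o.b("http:/", "https:/");

    /** Returns the typed id of this rule. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.f
    public aa<Object> getRuleId() {
        return this.c;
    }

    /** No-op: this rule does nothing when request parameters are resolved. */
    @Override // com.contrastsecurity.agent.plugins.rasp.Y
    public void onParametersResolved(HttpRequest httpRequest) {
    }

    /** Returns {@code true} only for {@link UserInputDTM.InputType#HEADER}. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.HEADER.equals(inputType);
    }

    /**
     * Evaluates one header and reports the reasons, if any, for which it is considered malformed.
     *
     * @param inputType not read by this method
     * @param str header name; used for the length-limit lookup and to select the check
     * @param str2 header value under inspection
     * @param str3 companion form of the value, compared with {@code str2} for
     *     {@code Content-Type} only (presumably a decoded or normalised copy; confirm with
     *     the caller)
     * @param i2 passed to {@code am.a(i2, 64)} for {@code Content-Length} only (presumably a
     *     bit set describing the value; confirm with the caller)
     * @return a {@link C} with {@link EnumC0163y#MATCHED_ATTACK_SIGNATURE} and the collected
     *     tags, or {@code null} when no tag was collected
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public C evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i2) {
        Set<String> reasons = null;
        // Locale.ROOT keeps the lookup independent of the JVM default locale. With a
        // locale-sensitive toLowerCase() (e.g. Turkish, where 'I' maps to dotless 'ı') a header
        // name such as "ORIGIN" would not match its key and the length limit would be skipped.
        Integer maxLength = i.get(str.toLowerCase(Locale.ROOT));
        if (maxLength != null && str2.length() > maxLength.intValue()) {
            reasons = a(null, h);
        }
        if ("Content-Type".equalsIgnoreCase(str)) {
            reasons = a(reasons, str2, str3);
        } else if ("Content-Length".equalsIgnoreCase(str)) {
            reasons = a(reasons, str2, i2);
        } else if (HttpHeaders.REFERER.equalsIgnoreCase(str) || "Origin".equalsIgnoreCase(str)) {
            // HttpHeaders.REFERER is the string "Referer".
            reasons = b(reasons, str2);
        }
        if (reasons == null || reasons.isEmpty()) {
            return null;
        }
        return new C(EnumC0163y.MATCHED_ATTACK_SIGNATURE, reasons);
    }

    /**
     * Adds {@code tag} to {@code reasons}, creating the set on first use.
     *
     * @return the set that now contains {@code tag}
     */
    private Set<String> a(Set<String> reasons, String tag) {
        if (reasons == null) {
            // Explicit type argument: the decompiled source used a raw HashSet here.
            reasons = new HashSet<String>();
        }
        reasons.add(tag);
        return reasons;
    }

    /**
     * Content-Type check. Tags {@code OBFUSCATED} when {@code value} and {@code companion}
     * differ (ignoring case); otherwise tags {@code MALFORMED} when
     * {@link ContentType#parse(String)} throws.
     */
    private Set<String> a(Set<String> reasons, String value, String companion) {
        if (!value.equalsIgnoreCase(companion)) {
            return a(reasons, f);
        }
        try {
            ContentType.parse(value);
        } catch (Exception parseFailure) {
            // Any failure to parse, whatever its type, is treated as a malformed value.
            reasons = a(reasons, g);
        }
        return reasons;
    }

    /**
     * Referer / Origin check. Tags {@code MALFORMED} when the value carries a scheme other than
     * the accepted prefixes, or when it neither passes {@link #b(String)} nor parses as a URL
     * whose protocol starts with {@code HttpHost.DEFAULT_SCHEME_NAME} (the string
     * {@code "http"}).
     */
    private Set<String> b(Set<String> reasons, String value) {
        if (a(value)) {
            return a(reasons, g);
        }
        if (b(value)) {
            return reasons;
        }
        try {
            if (!new URL(value).getProtocol().startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
                reasons = a(reasons, g);
            }
        } catch (MalformedURLException notAUrl) {
            reasons = a(reasons, g);
        }
        return reasons;
    }

    /**
     * Returns {@code true} when {@code value} starts with {@code letters:/} and that prefix is
     * not one of the entries of {@link #k}.
     *
     * <p>NOTE(review): the prefix comparison is case-sensitive, so an upper-case scheme is
     * reported as well; confirm this is intended.
     */
    private boolean a(String value) {
        if (!j.matcher(value).matches()) {
            return false;
        }
        for (String acceptedPrefix : k) {
            if (value.startsWith(acceptedPrefix)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Returns {@code true} when {@code value}, appended to the fixed prefix
     * {@code "http://user:info@"}, parses as a {@link URL} with a non-null host; returns
     * {@code false} when URL construction throws.
     *
     * <p>NOTE(review): confirm that {@code getHost()} can actually be {@code null} for an
     * {@code http} URL; if it cannot, this predicate only fails when construction throws.
     */
    private boolean b(String value) {
        try {
            return new URL("http://user:info@" + value).getHost() != null;
        } catch (MalformedURLException notAnAuthority) {
            return false;
        }
    }

    /**
     * Content-Length check. Tags {@code NONNUMERIC} when {@code am.a(flags, 64)} is false
     * (helper not visible here; presumably a bit test, confirm). Otherwise tags
     * {@code NEGATIVE} when the value parses to a negative {@code long}.
     *
     * <p>{@code NumberUtils.toLong} yields 0 when the string cannot be converted, so an
     * unparsable or out-of-range value is not tagged {@code NEGATIVE} by this branch.
     */
    private Set<String> a(Set<String> reasons, String value, int flags) {
        if (!am.a(flags, 64)) {
            return a(reasons, d);
        }
        if (NumberUtils.toLong(value) < 0) {
            return a(reasons, e);
        }
        return reasons;
    }

    /** Returns 1: any header value of at least one character is evaluated. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public int getMinimumAttackInputLength() {
        return 1;
    }

    /** Always {@code false} for this rule. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public boolean requiresSavingInContext(HttpRequest httpRequest) {
        return false;
    }

    /** Always {@code true} for this rule, regardless of {@code inputType}. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public boolean shouldAlwaysBlockAtPerimeter(UserInputDTM.InputType inputType) {
        return true;
    }
}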
