package com.contrastsecurity.agent.plugins.rasp.rules.b;

import com.contrastsecurity.agent.commons.o;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.A;
import com.contrastsecurity.agent.plugins.rasp.E;
import com.contrastsecurity.agent.plugins.rasp.X;
import com.contrastsecurity.agent.plugins.rasp.Z;
import com.contrastsecurity.agent.plugins.rasp.al;
import com.contrastsecurity.agent.plugins.rasp.rules.i;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.math.NumberUtils;
import com.contrastsecurity.thirdparty.org.apache.http.HttpHost;
import com.contrastsecurity.thirdparty.org.apache.http.entity.ContentType;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.Iterator;
import java.util.Set;
import java.util.regex.Pattern;

/* compiled from: MalformedHeaderRule.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/b/c.class */
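/**
 * Protect rule {@code malformed-header}: inspects selected HTTP request headers and
 * reports values that exceed a per-header length limit or fail a syntactic check.
 *
 * <p>Only inputs of type {@code HEADER} are evaluated (see {@link #appliesToInputType}),
 * and {@link #shouldAlwaysBlockAtPerimeter} returns {@code true} unconditionally, so a
 * false positive here blocks the request. Tune the limits below with that in mind.
 *
 * <p>Review notes on this decompiled listing: the private constants originally carried
 * obfuscated one-letter names, one of which ({@code o}) obscured the imported helper
 * class {@code o} and made {@code o.b(...)} unresolvable as source. They are renamed
 * here, the inlined numeric literals are replaced by the constants, and the raw
 * {@code Set} local is gone. Runtime behaviour is unchanged.
 */
public final class c extends X<Object> implements i<Object> {
    /** Rule identifier string. Public, so the obfuscated field name is kept for callers. */
    public static final String b = "malformed-header";

    private final Z<Object> ruleId = Z.a(b, Object.class);

    // Finding labels placed in the result set.
    private static final String NONNUMERIC = "NONNUMERIC";
    private static final String NEGATIVE = "NEGATIVE";
    private static final String OBFUSCATED = "OBFUSCATED";
    private static final String MALFORMED = "MALFORMED";
    private static final String TOO_LARGE = "TOO_LARGE";

    // Maximum header value length, in chars. The header each constant belongs to is
    // inferred from the order and values of the literals used in evaluateInput.
    private static final int NO_LIMIT = -1;
    private static final int MAX_ACCEPT = 256;
    private static final int MAX_CONTENT_TYPE = 290;
    private static final int MAX_ACCEPT_ENCODING = 84;
    private static final int MAX_ACCEPT_LANGUAGE = 64;
    private static final int MAX_CONTENT_LENGTH = 16;
    private static final int MAX_USER_AGENT = 512;
    private static final int MAX_ORIGIN = 290;
    private static final int MAX_HOST = 290;

    /** Matches a value that starts with {@code letters:/}, i.e. something shaped like a URL scheme. */
    private static final Pattern SCHEME_PREFIX = Pattern.compile("^[a-zA-Z]+:/.*");
    /** Scheme prefixes accepted for Origin/Referer; compared case-sensitively. */
    private static final Set<String> HTTP_SCHEME_PREFIXES = o.b("http:/", "https:/");

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.g
    public Z<Object> getRuleId() {
        return this.ruleId;
    }

    /** No-op: this rule does not act on resolved parameters. */
    @Override // com.contrastsecurity.agent.plugins.rasp.X
    public void onParametersResolved(HttpRequest httpRequest) {
        // intentionally empty
    }

    /** Returns {@code true} only for {@code InputType.HEADER}. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.HEADER.equals(inputType);
    }

    /**
     * Evaluates one request header against its length limit and format check.
     *
     * @param inputType not read by this method
     * @param str header name, matched against the known header constants
     * @param str2 header value; assumed non-null (it is dereferenced without a guard;
     *     confirm that callers never pass {@code null})
     * @param str3 second form of the value, used only for Content-Type, where it must equal
     *     {@code str2} ignoring case. Presumably a decoded/normalised copy; verify against caller
     * @param i2 integer passed to {@code al.a(i2, 64)} for Content-Length only; its encoding
     *     is not visible in this file
     * @return {@code null} when nothing is found, otherwise an {@code E} carrying
     *     {@code A.MATCHED_ATTACK_SIGNATURE} and the set of finding labels
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public E evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i2) {
        final String headerName = str;
        final String headerValue = str2;

        final int maxLength;
        final String violation;
        if (com.contrastsecurity.agent.plugins.http.i.HEADER_ACCEPT.a(headerName)) {
            maxLength = MAX_ACCEPT;
            violation = null;
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_CONTENT_TYPE.a(headerName)) {
            maxLength = MAX_CONTENT_TYPE;
            violation = checkContentType(headerValue, str3);
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_ACCEPT_ENCODING.a(headerName)) {
            maxLength = MAX_ACCEPT_ENCODING;
            violation = null;
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_ACCEPT_LANGUAGE.a(headerName)) {
            maxLength = MAX_ACCEPT_LANGUAGE;
            violation = null;
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_CONTENT_LENGTH.a(headerName)) {
            maxLength = MAX_CONTENT_LENGTH;
            violation = checkContentLength(headerValue, i2);
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_USER_AGENT.a(headerName)) {
            maxLength = MAX_USER_AGENT;
            violation = null;
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_ORIGIN.a(headerName)
                || com.contrastsecurity.agent.plugins.http.i.HEADER_REFERER.a(headerName)) {
            // Origin is length-limited; Referer is format-checked only.
            maxLength = com.contrastsecurity.agent.plugins.http.i.HEADER_ORIGIN.a(headerName) ? MAX_ORIGIN : NO_LIMIT;
            violation = checkOriginOrReferer(headerValue);
        } else if (com.contrastsecurity.agent.plugins.http.i.HEADER_HOST.a(headerName)) {
            maxLength = MAX_HOST;
            violation = null;
        } else {
            // Any other header is not inspected by this rule.
            maxLength = NO_LIMIT;
            violation = null;
        }

        final boolean tooLarge = maxLength != NO_LIMIT && maxLength < headerValue.length();
        if (tooLarge && violation != null) {
            return new E(A.MATCHED_ATTACK_SIGNATURE, o.b(TOO_LARGE, violation));
        }
        if (tooLarge) {
            return new E(A.MATCHED_ATTACK_SIGNATURE, Collections.singleton(TOO_LARGE));
        }
        if (violation != null) {
            return new E(A.MATCHED_ATTACK_SIGNATURE, Collections.singleton(violation));
        }
        return null;
    }

    /**
     * Content-Type check: the two forms of the value must agree ignoring case, and the
     * value must be parseable by {@code ContentType.parse}.
     *
     * @return {@code OBFUSCATED}, {@code MALFORMED}, or {@code null} when the value passes
     */
    private String checkContentType(String value, String comparedValue) {
        if (!value.equalsIgnoreCase(comparedValue)) {
            return OBFUSCATED;
        }
        try {
            ContentType.parse(value);
            return null;
        } catch (Exception ignored) {
            // Deliberately broad: any failure to parse is reported as a malformed header.
            return MALFORMED;
        }
    }

    /**
     * Origin/Referer check. A value with a non-http(s) scheme prefix is malformed; a value
     * that parses as a URL authority is accepted; anything else must parse as a URL whose
     * protocol starts with {@code HttpHost.DEFAULT_SCHEME_NAME}.
     *
     * @return {@code MALFORMED}, or {@code null} when the value passes
     */
    private String checkOriginOrReferer(String value) {
        if (hasNonHttpScheme(value)) {
            return MALFORMED;
        }
        if (parsesAsAuthority(value)) {
            return null;
        }
        try {
            return new URL(value).getProtocol().startsWith(HttpHost.DEFAULT_SCHEME_NAME) ? null : MALFORMED;
        } catch (MalformedURLException ignored) {
            return MALFORMED;
        }
    }

    /**
     * Returns {@code true} when the value looks like {@code scheme:/...} but does not begin
     * with one of the accepted http(s) prefixes. The prefix comparison is case-sensitive,
     * so an upper-case scheme is reported as well.
     */
    private boolean hasNonHttpScheme(String value) {
        if (!SCHEME_PREFIX.matcher(value).matches()) {
            return false;
        }
        for (String accepted : HTTP_SCHEME_PREFIXES) {
            if (value.startsWith(accepted)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Tests whether the value can stand in the authority position of an http URL by
     * parsing it behind a fixed {@code http://user:info@} prefix.
     *
     * <p>NOTE(review): {@code java.net.URL.getHost()} appears to return an empty string
     * rather than {@code null} when no host is present, so this presumably reduces to
     * "parsed without MalformedURLException". Confirm whether a non-empty host check was
     * intended before relying on it as a format gate.
     */
    private boolean parsesAsAuthority(String value) {
        try {
            return new URL("http://user:info@" + value).getHost() != null;
        } catch (MalformedURLException ignored) {
            return false;
        }
    }

    /**
     * Content-Length check.
     *
     * @param value header value
     * @param flags forwarded to {@code al.a(flags, 64)}; presumably a character-class
     *     bitmask where 64 marks a numeric value (TODO confirm against {@code al})
     * @return {@code NONNUMERIC}, {@code NEGATIVE}, or {@code null} when the value passes
     */
    private String checkContentLength(String value, int flags) {
        if (!al.a(flags, 64)) {
            return NONNUMERIC;
        }
        // commons-lang NumberUtils.toLong yields 0 on a parse failure, so such a value is
        // not reported as NEGATIVE here; the length limit above bounds the digit count.
        if (NumberUtils.toLong(value) < 0) {
            return NEGATIVE;
        }
        return null;
    }

    /** Inputs of at least one character are evaluated. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public int getMinimumAttackInputLength() {
        return 1;
    }

    /** Always {@code false}: nothing is saved in the request context for this rule. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean requiresSavingInContext(HttpRequest httpRequest) {
        return false;
    }

    /** Always {@code true}, regardless of input type: a match is blocked at the perimeter. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean shouldAlwaysBlockAtPerimeter(UserInputDTM.InputType inputType) {
        return true;
    }
}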
