package org.apache.shindig.gadgets.render;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.inject.BindingAnnotation;
import com.google.inject.Inject;
import com.sun.syndication.feed.module.sse.modules.Related;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.Gadget;
import org.apache.shindig.gadgets.parse.caja.CajaCssSanitizer;
import org.apache.shindig.gadgets.rewrite.ContentRewriterFeature;
import org.apache.shindig.gadgets.rewrite.DomWalker;
import org.apache.shindig.gadgets.rewrite.MutableContent;
import org.apache.shindig.gadgets.rewrite.RewritingException;
import org.apache.shindig.gadgets.uri.ProxyUriManager;
import org.apache.shiro.web.filter.authz.SslFilter;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.UserDataHandler;

/* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter.class */
public class SanitizingGadgetRewriter extends DomWalker.Rewriter {
    private static final String BYPASS_SANITIZATION_KEY = "shindig.bypassSanitization";
    private static UserDataHandler copyOnClone = new UserDataHandler() { // from class: org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.1
        @Override // org.w3c.dom.UserDataHandler
        public void handle(short s, String str, Object obj, Node node, Node node2) {
            if (s == 2 || s == 1) {
                node2.setUserData(str, obj, SanitizingGadgetRewriter.copyOnClone);
            }
        }
    };

    @Target({ElementType.PARAMETER, ElementType.METHOD, ElementType.FIELD})
    @Retention(RetentionPolicy.RUNTIME)
    @BindingAnnotation
    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$AllowedAttributes.class */
    public @interface AllowedAttributes {
    }

    @Target({ElementType.PARAMETER, ElementType.METHOD, ElementType.FIELD})
    @Retention(RetentionPolicy.RUNTIME)
    @BindingAnnotation
    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$AllowedTags.class */
    public @interface AllowedTags {
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$BasicElementFilter.class */
    static final class BasicElementFilter extends SanitizingWalker {
        private final Set<String> allowedTags;
        private final Set<String> allowedAttributes;

        private BasicElementFilter(Set<String> set, Set<String> set2) {
            super();
            this.allowedTags = set;
            this.allowedAttributes = set2;
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        public boolean removeTag(Gadget gadget, Element element, Uri uri) {
            return !this.allowedTags.contains(element.getNodeName().toLowerCase());
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        public boolean removeAttr(Gadget gadget, Attr attr, Uri uri) {
            return !this.allowedAttributes.contains(attr.getName().toLowerCase());
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$Bypass.class */
    public enum Bypass {
        ALL,
        ONLY_SELF,
        NONE
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$ImageFilter.class */
    static final class ImageFilter extends SanitizingWalker {
        private final SanitizingProxyUriManager imageRewriter;

        private ImageFilter(ProxyUriManager proxyUriManager) {
            super();
            this.imageRewriter = new SanitizingProxyUriManager(proxyUriManager, "image/*");
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeTag(Gadget gadget, Element element, Uri uri) {
            return false;
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeAttr(Gadget gadget, Attr attr, Uri uri) {
            if (!"img".equalsIgnoreCase(attr.getOwnerElement().getNodeName()) || !"src".equalsIgnoreCase(attr.getName())) {
                return false;
            }
            try {
                ProxyUriManager.ProxyUri proxyUri = ProxyUriManager.ProxyUri.fromList(gadget, ImmutableList.of(Uri.parse(attr.getValue()))).get(0);
                proxyUri.setHtmlTagContext(attr.getOwnerElement().getNodeName().toLowerCase());
                attr.setValue(this.imageRewriter.make(ImmutableList.of(proxyUri), null).get(0).toString());
                return false;
            } catch (IllegalArgumentException e) {
                return true;
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$LinkFilter.class */
    static final class LinkFilter extends SanitizingWalker {
        private final SanitizingProxyUriManager cssImportRewriter;

        private LinkFilter(ProxyUriManager proxyUriManager) {
            super();
            this.cssImportRewriter = new SanitizingProxyUriManager(proxyUriManager, "text/css");
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeTag(Gadget gadget, Element element, Uri uri) {
            if (!element.getNodeName().equalsIgnoreCase(Related.LINK_ATTRIBUTE)) {
                return false;
            }
            boolean z = false;
            for (Attr attr : SanitizingGadgetRewriter.toList(element.getAttributes())) {
                if ("rel".equalsIgnoreCase(attr.getName())) {
                    z |= "stylesheet".equalsIgnoreCase(attr.getValue());
                } else if (Related.TYPE_ATTRIBUTE.equalsIgnoreCase(attr.getName())) {
                    z |= "text/css".equalsIgnoreCase(attr.getValue());
                } else if ("href".equalsIgnoreCase(attr.getName())) {
                    try {
                        ProxyUriManager.ProxyUri proxyUri = ProxyUriManager.ProxyUri.fromList(gadget, ImmutableList.of(Uri.parse(attr.getValue()))).get(0);
                        proxyUri.setHtmlTagContext(element.getNodeName().toLowerCase());
                        attr.setValue(this.cssImportRewriter.make(ImmutableList.of(proxyUri), null).get(0).toString());
                    } catch (IllegalArgumentException e) {
                        return true;
                    }
                } else {
                    continue;
                }
            }
            return !z;
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeAttr(Gadget gadget, Attr attr, Uri uri) {
            return false;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$LinkSchemeCheckFilter.class */
    static class LinkSchemeCheckFilter extends SanitizingWalker {
        private static final Set<String> URI_ATTRIBUTES = ImmutableSet.of("href", "src");

        LinkSchemeCheckFilter() {
            super();
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeTag(Gadget gadget, Element element, Uri uri) {
            return false;
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeAttr(Gadget gadget, Attr attr, Uri uri) {
            if (!URI_ATTRIBUTES.contains(attr.getName().toLowerCase())) {
                return false;
            }
            try {
                String scheme = Uri.parse(attr.getValue()).getScheme();
                if (scheme == null || scheme.equals("http")) {
                    return false;
                }
                return !scheme.equals(SslFilter.HTTPS_SCHEME);
            } catch (IllegalArgumentException e) {
                return true;
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$SanitizingWalker.class */
    private static abstract class SanitizingWalker implements DomWalker.Visitor {
        private SanitizingWalker() {
        }

        protected abstract boolean removeTag(Gadget gadget, Element element, Uri uri);

        protected abstract boolean removeAttr(Gadget gadget, Attr attr, Uri uri);

        @Override // org.apache.shindig.gadgets.rewrite.DomWalker.Visitor
        public DomWalker.Visitor.VisitStatus visit(Gadget gadget, Node node) throws RewritingException {
            switch (node.getNodeType()) {
                case 1:
                case 9:
                    Element element = (Element) node;
                    Bypass canBypassSanitization = SanitizingGadgetRewriter.canBypassSanitization(element);
                    if (canBypassSanitization == Bypass.ALL) {
                        return DomWalker.Visitor.VisitStatus.RESERVE_TREE;
                    }
                    if (canBypassSanitization == Bypass.ONLY_SELF) {
                        return DomWalker.Visitor.VisitStatus.BYPASS;
                    }
                    if (removeTag(gadget, element, gadget.getSpec().getUrl())) {
                        return DomWalker.Visitor.VisitStatus.RESERVE_TREE;
                    }
                    DomWalker.Visitor.VisitStatus visitStatus = DomWalker.Visitor.VisitStatus.MODIFY;
                    for (Attr attr : SanitizingGadgetRewriter.toList(element.getAttributes())) {
                        if (removeAttr(gadget, attr, gadget.getSpec().getUrl())) {
                            element.removeAttributeNode(attr);
                        }
                    }
                    return visitStatus;
                case 2:
                case 6:
                case 7:
                case 8:
                default:
                    return DomWalker.Visitor.VisitStatus.RESERVE_TREE;
                case 3:
                case 4:
                case 5:
                    return DomWalker.Visitor.VisitStatus.BYPASS;
            }
        }

        @Override // org.apache.shindig.gadgets.rewrite.DomWalker.Visitor
        public boolean revisit(Gadget gadget, List<Node> list) throws RewritingException {
            for (Node node : list) {
                if (node.getNodeType() == 8 || SanitizingGadgetRewriter.canBypassSanitization((Element) node) != Bypass.ALL) {
                    node.getParentNode().removeChild(node);
                }
            }
            return true;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$StyleFilter.class */
    static final class StyleFilter implements DomWalker.Visitor {
        private final SanitizingProxyUriManager imageRewriter;
        private final SanitizingProxyUriManager cssImportRewriter;
        private final CajaCssSanitizer cssSanitizer;

        private StyleFilter(ProxyUriManager proxyUriManager, CajaCssSanitizer cajaCssSanitizer) {
            this.imageRewriter = new SanitizingProxyUriManager(proxyUriManager, "image/*");
            this.cssImportRewriter = new SanitizingProxyUriManager(proxyUriManager, "text/css");
            this.cssSanitizer = cajaCssSanitizer;
        }

        @Override // org.apache.shindig.gadgets.rewrite.DomWalker.Visitor
        public DomWalker.Visitor.VisitStatus visit(Gadget gadget, Node node) throws RewritingException {
            if (node.getNodeType() != 1 || !"style".equalsIgnoreCase(node.getNodeName())) {
                return DomWalker.Visitor.VisitStatus.BYPASS;
            }
            this.cssSanitizer.sanitize((Element) node, gadget.getSpec().getUrl(), gadget.getContext(), this.cssImportRewriter, this.imageRewriter);
            return DomWalker.Visitor.VisitStatus.MODIFY;
        }

        @Override // org.apache.shindig.gadgets.rewrite.DomWalker.Visitor
        public boolean revisit(Gadget gadget, List<Node> list) throws RewritingException {
            return false;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/render/SanitizingGadgetRewriter$TargetFilter.class */
    static class TargetFilter extends SanitizingWalker {
        TargetFilter() {
            super();
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeTag(Gadget gadget, Element element, Uri uri) {
            return false;
        }

        @Override // org.apache.shindig.gadgets.render.SanitizingGadgetRewriter.SanitizingWalker
        protected boolean removeAttr(Gadget gadget, Attr attr, Uri uri) {
            if (!"target".equalsIgnoreCase(attr.getName())) {
                return false;
            }
            String lowerCase = attr.getValue().toLowerCase();
            return ("_blank".equals(lowerCase) || "_self".equals(lowerCase)) ? false : true;
        }
    }

    public static boolean isSanitizedRenderingRequest(Gadget gadget) {
        return SchemaSymbols.ATTVAL_TRUE_1.equals(gadget.getContext().getParameter("sanitize"));
    }

    public static void bypassSanitization(Element element, boolean z) {
        element.setUserData(BYPASS_SANITIZATION_KEY, z ? Bypass.ALL : Bypass.ONLY_SELF, copyOnClone);
    }

    @Inject
    public SanitizingGadgetRewriter(@AllowedTags Set<String> set, @AllowedAttributes Set<String> set2, ContentRewriterFeature.Factory factory, CajaCssSanitizer cajaCssSanitizer, ProxyUriManager proxyUriManager) {
        super(new BasicElementFilter(set, set2), new LinkSchemeCheckFilter(), new StyleFilter(proxyUriManager, cajaCssSanitizer), new LinkFilter(proxyUriManager), new ImageFilter(proxyUriManager), new TargetFilter());
    }

    @Override // org.apache.shindig.gadgets.rewrite.DomWalker.Rewriter, org.apache.shindig.gadgets.rewrite.GadgetRewriter
    public void rewrite(Gadget gadget, MutableContent mutableContent) throws RewritingException {
        if (gadget.sanitizeOutput()) {
            boolean z = false;
            try {
                super.rewrite(gadget, mutableContent);
                z = true;
                if (1 == 0) {
                    mutableContent.setContent("");
                }
            } catch (Throwable th) {
                if (!z) {
                    mutableContent.setContent("");
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static List<Attr> toList(NamedNodeMap namedNodeMap) {
        ArrayList arrayList = new ArrayList(namedNodeMap.getLength());
        int length = namedNodeMap.getLength();
        for (int i = 0; i < length; i++) {
            arrayList.add((Attr) namedNodeMap.item(i));
        }
        return arrayList;
    }

    public static Bypass canBypassSanitization(Element element) {
        Bypass bypass = (Bypass) element.getUserData(BYPASS_SANITIZATION_KEY);
        if (bypass == null) {
            bypass = Bypass.NONE;
        }
        return bypass;
    }
}
