package com.xiaomi.market.util;

import android.net.Uri;
import androidx.annotation.VisibleForTesting;
import com.miui.miapm.block.core.MethodRecorder;
import com.xiaomi.market.AppGlobals;
import com.xiaomi.market.data.WebResourceManager;
import com.xiaomi.market.model.ClientConfig;
import com.xiaomi.market.model.FirebaseConfig;
import com.xiaomi.market.track.TrackUtils;
import com.xiaomi.mipicks.common.constant.Constants;
import com.xiaomi.mipicks.common.track.TrackType;
import com.xiaomi.mipicks.platform.BaseApp;
import com.xiaomi.mipicks.platform.log.Log;
import com.xiaomi.mipicks.platform.track.analytics.AnalyticParams;
import com.xiaomi.mipicks.platform.util.FileUtils;
import com.xiaomi.mipicks.platform.util.TextUtils;
import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Iterator;
import java.util.Set;
import kotlin.Lazy;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.collections.ArraysKt___ArraysKt;
import kotlin.jvm.internal.s;
import kotlin.text.Regex;
import kotlin.text.StringsKt__StringsKt;

/* compiled from: UrlCheckUtils.kt */
@Metadata(d1 = {"\u00006\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\"\n\u0002\b\n\n\u0002\u0010\u000b\n\u0002\b\u0007\n\u0002\u0010\b\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0002\n\u0000\u001a\u000e\u0010\u000b\u001a\u00020\u00012\u0006\u0010\f\u001a\u00020\u0001\u001a\u0012\u0010\r\u001a\u00020\u000e2\b\u0010\u000f\u001a\u0004\u0018\u00010\u0001H\u0002\u001a\u001e\u0010\u0010\u001a\u00020\u000e2\f\u0010\u0011\u001a\b\u0012\u0004\u0012\u00020\u00010\u00032\u0006\u0010\u0012\u001a\u00020\u0001H\u0007\u001a\u0010\u0010\u0013\u001a\u00020\u000e2\b\u0010\f\u001a\u0004\u0018\u00010\u0001\u001a&\u0010\u0014\u001a\u00020\u000e2\u0006\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u00012\u0006\u0010\u0018\u001a\u00020\u00012\u0006\u0010\u0019\u001a\u00020\u001a\u001a\u0018\u0010\u0014\u001a\u00020\u000e2\u0006\u0010\f\u001a\u00020\u00012\u0006\u0010\u001b\u001a\u00020\u001aH\u0002\u001a\u0010\u0010\u001c\u001a\u00020\u000e2\u0006\u0010\u0012\u001a\u00020\u0001H\u0002\u001a\u0010\u0010\u001d\u001a\u00020\u000e2\b\u0010\f\u001a\u0004\u0018\u00010\u0001\u001a\u000e\u0010\u001e\u001a\u00020\u000e2\u0006\u0010\f\u001a\u00020\u0001\u001a\u0010\u0010\u001f\u001a\u00020\u000e2\u0006\u0010\u0012\u001a\u00020\u0001H\u0002\u001a\u0018\u0010 \u001a\u00020\u000e2\b\u0010\f\u001a\u0004\u0018\u00010\u00012\u0006\u0010!\u001a\u00020\"\u001a \u0010 \u001a\u00020\u000e2\b\u0010\f\u001a\u0004\u0018\u00010\u00012\u0006\u0010!\u001a\u00020\"2\u0006\u0010#\u001a\u00020\u000e\u001a\u0010\u0010$\u001a\u00020\u000e2\u0006\u0010\f\u001a\u00020\u0001H\u0002\u001a\u001a\u0010%\u001a\u00020\u000e2\b\u0010\u001b\u001a\u0004\u0018\u00010\u001a2\b\u0010&\u001a\u0004\u0018\u00010\u0001\u001a\u0010\u0010'\u001a\u00020(2\u0006\u0010\f\u001a\u00020\u0001H\u0002\"\u000e\u0010\u0000\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"!\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00010\u00038BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u0006\u0010\u0007\u001a\u0004\b\u0004\u0010\u0005\"!\u0010\b\u001a\b\u0012\u0004\u0012\u00020\u00010\u00038BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\n\u0010\u0007\u001a\u0004\b\t\u0010\u0005¨\u0006)"}, d2 = {"TAG", "", "defaultXssParams", "", "getDefaultXssParams", "()Ljava/util/Set;", "defaultXssParams$delegate", "Lkotlin/Lazy;", "supportIframeHostSet", "getSupportIframeHostSet", "supportIframeHostSet$delegate", "handleUrlForXssCheck", "url", "isCoinsWebViewUrl", "", Constants.JSON_RECOMMEND_WEBVIEW_URL, "isHostMatch", "trustedHostSet", "host", "isJsInterfaceAllowed", "isLocalWebResUrl", Constants.JSON_WEB_RES_VERSION, "", "webResDirPath", "urls", "uris", "Landroid/net/Uri;", "uri", "isPrivilegedHost", "isRestrictDownloadPage", "isSecurityUrl", "isTrustedHost", "isUrlMatchLevel", "level", "Lcom/xiaomi/market/util/HostLevel;", "allowDebug", "isXssParamMatch", "shouldForbiddenEnteringMarket", "callingPackage", "trackCatchUrl", "", "app_mipicksDefaultsRelease"}, k = 2, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class UrlCheckUtilsKt {
    private static final String TAG = "UrlCheckUtils";
    private static final Lazy defaultXssParams$delegate;
    private static final Lazy supportIframeHostSet$delegate;

    /* compiled from: UrlCheckUtils.kt */
    @Metadata(k = 3, mv = {1, 9, 0}, xi = 48)
    /* loaded from: classes3.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            MethodRecorder.i(10730);
            int[] iArr = new int[HostLevel.values().length];
            try {
                iArr[HostLevel.TRUSTED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                iArr[HostLevel.PRIVILEDGED.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                iArr[HostLevel.LOCAL_WEB_RES.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            $EnumSwitchMapping$0 = iArr;
            MethodRecorder.o(10730);
        }
    }

    static {
        Lazy b;
        Lazy b2;
        MethodRecorder.i(10997);
        b = kotlin.h.b(UrlCheckUtilsKt$defaultXssParams$2.INSTANCE);
        defaultXssParams$delegate = b;
        b2 = kotlin.h.b(UrlCheckUtilsKt$supportIframeHostSet$2.INSTANCE);
        supportIframeHostSet$delegate = b2;
        MethodRecorder.o(10997);
    }

    private static final Set<String> getDefaultXssParams() {
        MethodRecorder.i(10901);
        Object value = defaultXssParams$delegate.getValue();
        s.f(value, "getValue(...)");
        Set<String> set = (Set) value;
        MethodRecorder.o(10901);
        return set;
    }

    private static final Set<String> getSupportIframeHostSet() {
        MethodRecorder.i(10904);
        Object value = supportIframeHostSet$delegate.getValue();
        s.f(value, "getValue(...)");
        Set<String> set = (Set) value;
        MethodRecorder.o(10904);
        return set;
    }

    public static final String handleUrlForXssCheck(String url) {
        MethodRecorder.i(10983);
        s.g(url, "url");
        String e = new Regex("\\s").e(url, "");
        MethodRecorder.o(10983);
        return e;
    }

    private static final boolean isCoinsWebViewUrl(String str) {
        MethodRecorder.i(10993);
        boolean z = false;
        if (!TextUtils.isEmpty((CharSequence) str)) {
            s.d(str);
            z = StringsKt__StringsKt.O(str, "integral/integral-global", false, 2, null);
        }
        MethodRecorder.o(10993);
        return z;
    }

    @VisibleForTesting
    public static final boolean isHostMatch(Set<String> trustedHostSet, String host) {
        boolean J;
        boolean s;
        MethodRecorder.i(10971);
        s.g(trustedHostSet, "trustedHostSet");
        s.g(host, "host");
        for (String str : trustedHostSet) {
            if (TextUtils.equals(host, str)) {
                MethodRecorder.o(10971);
                return true;
            }
            J = kotlin.text.s.J(str, ".", false, 2, null);
            if (!J) {
                str = "." + str;
            }
            s = kotlin.text.s.s(host, str, false, 2, null);
            if (s) {
                MethodRecorder.o(10971);
                return true;
            }
        }
        MethodRecorder.o(10971);
        return false;
    }

    public static final boolean isJsInterfaceAllowed(@org.jetbrains.annotations.a String str) {
        MethodRecorder.i(10913);
        boolean isUrlMatchLevel = isUrlMatchLevel(str, HostLevel.TRUSTED);
        MethodRecorder.o(10913);
        return isUrlMatchLevel;
    }

    public static final boolean isLocalWebResUrl(int i, String webResDirPath, String urls, Uri uris) {
        boolean O;
        CharSequence Y0;
        boolean J;
        boolean J2;
        CharSequence Y02;
        boolean J3;
        MethodRecorder.i(10960);
        s.g(webResDirPath, "webResDirPath");
        s.g(urls, "urls");
        s.g(uris, "uris");
        if (!s.b("file", uris.getScheme())) {
            MethodRecorder.o(10960);
            return false;
        }
        O = StringsKt__StringsKt.O(urls, "../", false, 2, null);
        if (O) {
            MethodRecorder.o(10960);
            return false;
        }
        Y0 = StringsKt__StringsKt.Y0(urls);
        J = kotlin.text.s.J(Y0.toString(), "file://", false, 2, null);
        if (J) {
            Y02 = StringsKt__StringsKt.Y0(urls);
            J3 = kotlin.text.s.J(Y02.toString(), "file:///", false, 2, null);
            if (!J3) {
                String resolvedUrl = WebResourceManager.getResolvedUrl(i, webResDirPath, urls);
                s.f(resolvedUrl, "getResolvedUrl(...)");
                uris = Uri.parse(resolvedUrl);
                s.f(uris, "parse(...)");
            }
        }
        if (!FileUtils.checkFileExists(new File(uris.getPath()))) {
            Log.d(TAG, "checkFileExists is false, urlPath = " + uris.getPath());
            MethodRecorder.o(10960);
            return false;
        }
        String canoicalPathOrAbsolutePath = FileUtils.getCanoicalPathOrAbsolutePath(uris.getPath());
        if (TextUtils.isEmpty((CharSequence) canoicalPathOrAbsolutePath)) {
            MethodRecorder.o(10960);
            return false;
        }
        if (WebResourceManager.checkIfLoadPageFromStorage()) {
            MethodRecorder.o(10960);
            return true;
        }
        String canoicalPathOrAbsolutePath2 = FileUtils.getCanoicalPathOrAbsolutePath(AppGlobals.getFilesDir());
        s.d(canoicalPathOrAbsolutePath);
        s.d(canoicalPathOrAbsolutePath2);
        J2 = kotlin.text.s.J(canoicalPathOrAbsolutePath, canoicalPathOrAbsolutePath2, false, 2, null);
        MethodRecorder.o(10960);
        return J2;
    }

    private static final boolean isLocalWebResUrl(String str, Uri uri) {
        MethodRecorder.i(10938);
        WebResourceManager manager = WebResourceManager.getManager();
        int webResVersion = manager.getWebResVersion();
        String webResDirPath = manager.getWebResDirPath();
        s.f(webResDirPath, "getWebResDirPath(...)");
        boolean isLocalWebResUrl = isLocalWebResUrl(webResVersion, webResDirPath, str, uri);
        MethodRecorder.o(10938);
        return isLocalWebResUrl;
    }

    private static final boolean isPrivilegedHost(String str) {
        MethodRecorder.i(10976);
        boolean isHostMatch = isHostMatch(ClientConfig.INSTANCE.get().getPrivilegedHostSet(), str);
        MethodRecorder.o(10976);
        return isHostMatch;
    }

    public static final boolean isRestrictDownloadPage(@org.jetbrains.annotations.a String str) {
        MethodRecorder.i(10911);
        Uri parse = Uri.parse(str);
        String host = parse.getHost();
        boolean z = false;
        if (host == null) {
            MethodRecorder.o(10911);
            return false;
        }
        String scheme = parse.getScheme();
        if (scheme == null) {
            MethodRecorder.o(10911);
            return false;
        }
        if ((s.b("file", scheme) && isCoinsWebViewUrl(str)) || (((Boolean) FirebaseConfig.getPrimitiveValue(FirebaseConfig.KEY_ENABLE_RESTRICT_DOWNLOAD_PAGE, Boolean.FALSE)).booleanValue() && isHostMatch(getSupportIframeHostSet(), host) && parse.getBooleanQueryParameter("supportIframe", false))) {
            z = true;
        }
        MethodRecorder.o(10911);
        return z;
    }

    public static final boolean isSecurityUrl(String url) {
        MethodRecorder.i(10980);
        s.g(url, "url");
        if (((Boolean) FirebaseConfig.getPrimitiveValue(FirebaseConfig.KEY_DISABLE_XSS_CHECK, Boolean.FALSE)).booleanValue()) {
            MethodRecorder.o(10980);
            return true;
        }
        if (isXssParamMatch(handleUrlForXssCheck(url))) {
            MethodRecorder.o(10980);
            return false;
        }
        String decode = Uri.decode(url);
        s.d(decode);
        if (isXssParamMatch(handleUrlForXssCheck(decode))) {
            MethodRecorder.o(10980);
            return false;
        }
        String decode2 = Uri.decode(decode);
        s.d(decode2);
        if (isXssParamMatch(handleUrlForXssCheck(decode2))) {
            MethodRecorder.o(10980);
            return false;
        }
        MethodRecorder.o(10980);
        return true;
    }

    private static final boolean isTrustedHost(String str) {
        MethodRecorder.i(10973);
        ClientConfig.Companion companion = ClientConfig.INSTANCE;
        boolean z = isHostMatch(companion.get().getTrustedHostSet(), str) || isHostMatch(companion.get().getPrivilegedHostSet(), str);
        MethodRecorder.o(10973);
        return z;
    }

    public static final boolean isUrlMatchLevel(@org.jetbrains.annotations.a String str, HostLevel level) {
        MethodRecorder.i(10916);
        s.g(level, "level");
        boolean isUrlMatchLevel = isUrlMatchLevel(str, level, true);
        MethodRecorder.o(10916);
        return isUrlMatchLevel;
    }

    public static final boolean isUrlMatchLevel(@org.jetbrains.annotations.a String str, HostLevel level, boolean z) {
        boolean u;
        boolean isTrustedHost;
        MethodRecorder.i(10933);
        s.g(level, "level");
        if (str == null || TextUtils.isEmpty((CharSequence) str)) {
            MethodRecorder.o(10933);
            return false;
        }
        boolean z2 = true;
        if (z && MarketUtils.shouldSkipWebViewHostCheck()) {
            MethodRecorder.o(10933);
            return true;
        }
        try {
            Uri parse = Uri.parse(str);
            String host = parse.getHost();
            if (host == null) {
                MethodRecorder.o(10933);
                return false;
            }
            String scheme = parse.getScheme();
            if (scheme == null) {
                MethodRecorder.o(10933);
                return false;
            }
            u = ArraysKt___ArraysKt.u(new String[]{"file", Constants.HTTP_PROTOCAL, Constants.HTTPS_PROTOCAL}, scheme);
            if (!u) {
                MethodRecorder.o(10933);
                return false;
            }
            if (!isSecurityUrl(str)) {
                Log.w(TAG, "xss error: url = " + str);
                trackCatchUrl(str);
                MethodRecorder.o(10933);
                return false;
            }
            if (s.b("file", scheme)) {
                s.d(parse);
                if (!isLocalWebResUrl(str, parse) || (isCoinsWebViewUrl(str) && level != HostLevel.TRUSTED)) {
                    z2 = false;
                }
                MethodRecorder.o(10933);
                return z2;
            }
            if (ClientConfig.INSTANCE.get().getWebViewHttpLimit() && !s.b(Constants.HTTPS_PROTOCAL, scheme)) {
                MethodRecorder.o(10933);
                return false;
            }
            int i = WhenMappings.$EnumSwitchMapping$0[level.ordinal()];
            if (i == 1) {
                isTrustedHost = isTrustedHost(host);
            } else if (i == 2) {
                isTrustedHost = isPrivilegedHost(host);
            } else {
                if (i != 3) {
                    NoWhenBranchMatchedException noWhenBranchMatchedException = new NoWhenBranchMatchedException();
                    MethodRecorder.o(10933);
                    throw noWhenBranchMatchedException;
                }
                isTrustedHost = false;
            }
            MethodRecorder.o(10933);
            return isTrustedHost;
        } catch (Exception e) {
            Log.e(TAG, "Exception for url: " + str, e);
            MethodRecorder.o(10933);
            return false;
        }
    }

    private static final boolean isXssParamMatch(String str) {
        boolean M;
        MethodRecorder.i(10991);
        Iterator<String> it = getDefaultXssParams().iterator();
        while (it.hasNext()) {
            M = StringsKt__StringsKt.M(str, it.next(), true);
            if (M) {
                MethodRecorder.o(10991);
                return true;
            }
        }
        MethodRecorder.o(10991);
        return false;
    }

    public static final boolean shouldForbiddenEnteringMarket(@org.jetbrains.annotations.a Uri uri, @org.jetbrains.annotations.a String str) {
        String str2;
        URL url;
        MethodRecorder.i(10907);
        if (uri == null || (str2 = uri.getQueryParameter("url")) == null) {
            str2 = "";
        }
        if (TextUtils.isEmpty((CharSequence) str2)) {
            MethodRecorder.o(10907);
            return false;
        }
        try {
            url = new URL(str2);
        } catch (MalformedURLException e) {
            Log.e(TAG, "url invalid : " + e);
        }
        if (TextUtils.isEmpty((CharSequence) url.getHost())) {
            MethodRecorder.o(10907);
            return false;
        }
        if (TextUtils.equals(BaseApp.INSTANCE.getPkgName(), str)) {
            MethodRecorder.o(10907);
            return false;
        }
        if (!isJsInterfaceAllowed(str2)) {
            boolean interceptUnTrustedHost = ClientConfig.INSTANCE.get().getInterceptUnTrustedHost();
            Log.e(TAG, "not trusted host for: " + url + ", isIntercepted: " + interceptUnTrustedHost);
            MethodRecorder.o(10907);
            return interceptUnTrustedHost;
        }
        MethodRecorder.o(10907);
        return false;
    }

    private static final void trackCatchUrl(String str) {
        MethodRecorder.i(10988);
        String str2 = TrackType.DevTrackActionType.DevKey.XSS_URL;
        AnalyticParams newInstance = AnalyticParams.newInstance();
        newInstance.add("url", str);
        TrackUtils.trackDevInspectEvent(str2, newInstance);
        MethodRecorder.o(10988);
    }
}
