package com.xiaomi.market.util;

import android.net.Uri;
import androidx.annotation.VisibleForTesting;
import com.miui.miapm.block.core.MethodRecorder;
import com.xiaomi.market.AppGlobals;
import com.xiaomi.market.analytics.AnalyticParams;
import com.xiaomi.market.data.WebResourceManager;
import com.xiaomi.market.model.ClientConfig;
import com.xiaomi.market.model.FirebaseConfig;
import com.xiaomi.market.track.TrackType;
import com.xiaomi.market.track.TrackUtils;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Iterator;
import java.util.Set;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.collections.ArraysKt___ArraysKt;
import kotlin.jvm.internal.f0;
import kotlin.text.Regex;
import kotlin.text.StringsKt__StringsKt;

/* compiled from: UrlCheckUtils.kt */
@Metadata(bv = {}, d1 = {"\u0000,\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0010\"\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\n\u001a\u001a\u0010\u0005\u001a\u00020\u00042\b\u0010\u0001\u001a\u0004\u0018\u00010\u00002\b\u0010\u0003\u001a\u0004\u0018\u00010\u0002\u001a\u0010\u0010\u0007\u001a\u00020\u00042\b\u0010\u0006\u001a\u0004\u0018\u00010\u0002\u001a\u0018\u0010\n\u001a\u00020\u00042\b\u0010\u0006\u001a\u0004\u0018\u00010\u00022\u0006\u0010\t\u001a\u00020\b\u001a \u0010\n\u001a\u00020\u00042\b\u0010\u0006\u001a\u0004\u0018\u00010\u00022\u0006\u0010\t\u001a\u00020\b2\u0006\u0010\u000b\u001a\u00020\u0004\u001a\u0018\u0010\u000e\u001a\u00020\u00042\u0006\u0010\f\u001a\u00020\u00022\u0006\u0010\r\u001a\u00020\u0000H\u0002\u001a\u001e\u0010\u0012\u001a\u00020\u00042\f\u0010\u0010\u001a\b\u0012\u0004\u0012\u00020\u00020\u000f2\u0006\u0010\u0011\u001a\u00020\u0002H\u0007\u001a\u0010\u0010\u0013\u001a\u00020\u00042\u0006\u0010\u0011\u001a\u00020\u0002H\u0002\u001a\u0010\u0010\u0014\u001a\u00020\u00042\u0006\u0010\u0011\u001a\u00020\u0002H\u0002\u001a\u000e\u0010\u0015\u001a\u00020\u00042\u0006\u0010\u0006\u001a\u00020\u0002\u001a\u000e\u0010\u0016\u001a\u00020\u00022\u0006\u0010\u0006\u001a\u00020\u0002\u001a\u0010\u0010\u0018\u001a\u00020\u00172\u0006\u0010\u0006\u001a\u00020\u0002H\u0002\u001a\u0010\u0010\u0019\u001a\u00020\u00042\u0006\u0010\u0006\u001a\u00020\u0002H\u0002\"\u0014\u0010\u001a\u001a\u00020\u00028\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u001a\u0010\u001b\"!\u0010 \u001a\b\u0012\u0004\u0012\u00020\u00020\u000f8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u001c\u0010\u001d\u001a\u0004\b\u001e\u0010\u001f¨\u0006!"}, d2 = {"Landroid/net/Uri;", "uri", "", "callingPackage", "", "shouldInterceptEnteringMarket", "url", "isJsInterfaceAllowed", "Lcom/xiaomi/market/util/HostLevel;", "level", "isUrlMatchLevel", "allowDebug", "urls", "uris", "isLocalWebResUrl", "", "trustedHostSet", "host", "isHostMatch", "isTrustedHost", "isPrivilegedHost", "isSecurityUrl", "handleUrlForXssCheck", "Lkotlin/u1;", "trackCatchUrl", "isXssParamMatch", "TAG", "Ljava/lang/String;", "defaultXssParams$delegate", "Lkotlin/y;", "getDefaultXssParams", "()Ljava/util/Set;", "defaultXssParams", "app_mipicksRelease"}, k = 2, mv = {1, 6, 0})
/* loaded from: classes3.dex */
public final class UrlCheckUtilsKt {

    @j3.d
    private static final String TAG = "UrlCheckUtils";

    @j3.d
    private static final kotlin.y defaultXssParams$delegate;

    /* compiled from: UrlCheckUtils.kt */
    @Metadata(k = 3, mv = {1, 6, 0}, xi = 48)
    /* loaded from: classes3.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            MethodRecorder.i(2824);
            int[] iArr = new int[HostLevel.valuesCustom().length];
            iArr[HostLevel.TRUSTED.ordinal()] = 1;
            iArr[HostLevel.PRIVILEDGED.ordinal()] = 2;
            iArr[HostLevel.LOCAL_WEB_RES.ordinal()] = 3;
            $EnumSwitchMapping$0 = iArr;
            MethodRecorder.o(2824);
        }
    }

    static {
        kotlin.y a4;
        MethodRecorder.i(3138);
        a4 = kotlin.a0.a(UrlCheckUtilsKt$defaultXssParams$2.INSTANCE);
        defaultXssParams$delegate = a4;
        MethodRecorder.o(3138);
    }

    private static final Set<String> getDefaultXssParams() {
        MethodRecorder.i(2870);
        Object value = defaultXssParams$delegate.getValue();
        f0.o(value, "<get-defaultXssParams>(...)");
        Set<String> set = (Set) value;
        MethodRecorder.o(2870);
        return set;
    }

    @j3.d
    public static final String handleUrlForXssCheck(@j3.d String url) {
        MethodRecorder.i(3126);
        f0.p(url, "url");
        String o3 = new Regex("\\s").o(url, "");
        MethodRecorder.o(3126);
        return o3;
    }

    @VisibleForTesting
    public static final boolean isHostMatch(@j3.d Set<String> trustedHostSet, @j3.d String host) {
        boolean u22;
        boolean J1;
        MethodRecorder.i(2892);
        f0.p(trustedHostSet, "trustedHostSet");
        f0.p(host, "host");
        for (String str : trustedHostSet) {
            if (TextUtils.equals(host, str)) {
                MethodRecorder.o(2892);
                return true;
            }
            u22 = kotlin.text.u.u2(str, ".", false, 2, null);
            if (!u22) {
                str = '.' + str;
            }
            J1 = kotlin.text.u.J1(host, str, false, 2, null);
            if (J1) {
                MethodRecorder.o(2892);
                return true;
            }
        }
        MethodRecorder.o(2892);
        return false;
    }

    public static final boolean isJsInterfaceAllowed(@j3.e String str) {
        MethodRecorder.i(2876);
        boolean isUrlMatchLevel = isUrlMatchLevel(str, HostLevel.TRUSTED);
        MethodRecorder.o(2876);
        return isUrlMatchLevel;
    }

    private static final boolean isLocalWebResUrl(String str, Uri uri) {
        boolean V2;
        CharSequence E5;
        boolean u22;
        boolean u23;
        CharSequence E52;
        boolean u24;
        MethodRecorder.i(2888);
        if (!f0.g("file", uri.getScheme())) {
            MethodRecorder.o(2888);
            return false;
        }
        V2 = StringsKt__StringsKt.V2(str, "../", false, 2, null);
        if (V2) {
            MethodRecorder.o(2888);
            return false;
        }
        E5 = StringsKt__StringsKt.E5(str);
        u22 = kotlin.text.u.u2(E5.toString(), "file://", false, 2, null);
        if (u22) {
            E52 = StringsKt__StringsKt.E5(str);
            u24 = kotlin.text.u.u2(E52.toString(), "file:///", false, 2, null);
            if (!u24) {
                String resolvedUrl = WebResourceManager.getManager().getResolvedUrl(str);
                f0.o(resolvedUrl, "getManager().getResolvedUrl(url)");
                uri = Uri.parse(resolvedUrl);
                f0.o(uri, "parse(url)");
            }
        }
        String urlPath = FileUtils.getCanoicalPathOrAbsolutePath(uri.getPath());
        if (TextUtils.isEmpty(urlPath)) {
            MethodRecorder.o(2888);
            return false;
        }
        if (WebResourceManager.checkIfLoadPageFromStorage()) {
            MethodRecorder.o(2888);
            return true;
        }
        String marketFilePath = FileUtils.getCanoicalPathOrAbsolutePath(AppGlobals.getFilesDir());
        f0.o(urlPath, "urlPath");
        f0.o(marketFilePath, "marketFilePath");
        u23 = kotlin.text.u.u2(urlPath, marketFilePath, false, 2, null);
        MethodRecorder.o(2888);
        return u23;
    }

    private static final boolean isPrivilegedHost(String str) {
        MethodRecorder.i(2896);
        Set<String> set = ClientConfig.get().privilegedHostSet;
        f0.o(set, "get().privilegedHostSet");
        boolean isHostMatch = isHostMatch(set, str);
        MethodRecorder.o(2896);
        return isHostMatch;
    }

    public static final boolean isSecurityUrl(@j3.d String url) {
        MethodRecorder.i(2901);
        f0.p(url, "url");
        if (((Boolean) FirebaseConfig.getPrimitiveValue(FirebaseConfig.KEY_DISABLE_XSS_CHECK, Boolean.FALSE)).booleanValue()) {
            MethodRecorder.o(2901);
            return true;
        }
        if (isXssParamMatch(handleUrlForXssCheck(url))) {
            MethodRecorder.o(2901);
            return false;
        }
        String decodedUrl = Uri.decode(url);
        f0.o(decodedUrl, "decodedUrl");
        if (isXssParamMatch(handleUrlForXssCheck(decodedUrl))) {
            MethodRecorder.o(2901);
            return false;
        }
        String doubleDecodedUrl = Uri.decode(decodedUrl);
        f0.o(doubleDecodedUrl, "doubleDecodedUrl");
        if (isXssParamMatch(handleUrlForXssCheck(doubleDecodedUrl))) {
            MethodRecorder.o(2901);
            return false;
        }
        MethodRecorder.o(2901);
        return true;
    }

    private static final boolean isTrustedHost(String str) {
        boolean z3;
        MethodRecorder.i(2895);
        Set<String> set = ClientConfig.get().trustedHostSet;
        f0.o(set, "get().trustedHostSet");
        if (!isHostMatch(set, str)) {
            Set<String> set2 = ClientConfig.get().privilegedHostSet;
            f0.o(set2, "get().privilegedHostSet");
            if (!isHostMatch(set2, str)) {
                z3 = false;
                MethodRecorder.o(2895);
                return z3;
            }
        }
        z3 = true;
        MethodRecorder.o(2895);
        return z3;
    }

    public static final boolean isUrlMatchLevel(@j3.e String str, @j3.d HostLevel level) {
        MethodRecorder.i(2877);
        f0.p(level, "level");
        boolean isUrlMatchLevel = isUrlMatchLevel(str, level, true);
        MethodRecorder.o(2877);
        return isUrlMatchLevel;
    }

    public static final boolean isUrlMatchLevel(@j3.e String str, @j3.d HostLevel level, boolean z3) {
        boolean T8;
        boolean isTrustedHost;
        MethodRecorder.i(2885);
        f0.p(level, "level");
        if (str == null || TextUtils.isEmpty(str)) {
            MethodRecorder.o(2885);
            return false;
        }
        if (z3 && MarketUtils.shouldSkipWebViewHostCheck()) {
            MethodRecorder.o(2885);
            return true;
        }
        try {
            Uri uri = Uri.parse(str);
            String host = uri.getHost();
            if (host == null) {
                MethodRecorder.o(2885);
                return false;
            }
            String scheme = uri.getScheme();
            if (scheme == null) {
                MethodRecorder.o(2885);
                return false;
            }
            T8 = ArraysKt___ArraysKt.T8(new String[]{"file", Constants.HTTP_PROTOCAL, Constants.HTTPS_PROTOCAL}, scheme);
            if (!T8) {
                MethodRecorder.o(2885);
                return false;
            }
            if (!isSecurityUrl(str)) {
                Log.w(TAG, "xss error: url = " + str);
                trackCatchUrl(str);
                MethodRecorder.o(2885);
                return false;
            }
            if (f0.g("file", scheme)) {
                f0.o(uri, "uri");
                boolean isLocalWebResUrl = isLocalWebResUrl(str, uri);
                MethodRecorder.o(2885);
                return isLocalWebResUrl;
            }
            if (ClientConfig.get().webViewHttpLimit && !f0.g(Constants.HTTPS_PROTOCAL, scheme)) {
                MethodRecorder.o(2885);
                return false;
            }
            int i4 = WhenMappings.$EnumSwitchMapping$0[level.ordinal()];
            if (i4 == 1) {
                isTrustedHost = isTrustedHost(host);
            } else if (i4 == 2) {
                isTrustedHost = isPrivilegedHost(host);
            } else {
                if (i4 != 3) {
                    NoWhenBranchMatchedException noWhenBranchMatchedException = new NoWhenBranchMatchedException();
                    MethodRecorder.o(2885);
                    throw noWhenBranchMatchedException;
                }
                isTrustedHost = false;
            }
            MethodRecorder.o(2885);
            return isTrustedHost;
        } catch (Exception e4) {
            Log.e(TAG, "Exception for url: " + str, e4);
            MethodRecorder.o(2885);
            return false;
        }
    }

    private static final boolean isXssParamMatch(String str) {
        boolean S2;
        MethodRecorder.i(3135);
        Iterator<String> it = getDefaultXssParams().iterator();
        while (it.hasNext()) {
            S2 = StringsKt__StringsKt.S2(str, it.next(), true);
            if (S2) {
                MethodRecorder.o(3135);
                return true;
            }
        }
        MethodRecorder.o(3135);
        return false;
    }

    public static final boolean shouldInterceptEnteringMarket(@j3.e Uri uri, @j3.e String str) {
        String str2;
        URL url;
        MethodRecorder.i(2874);
        if (uri == null || (str2 = uri.getQueryParameter("url")) == null) {
            str2 = "";
        }
        if (TextUtils.isEmpty(str2)) {
            MethodRecorder.o(2874);
            return false;
        }
        try {
            url = new URL(str2);
        } catch (MalformedURLException e4) {
            Log.e(TAG, "url invalid : " + e4);
        }
        if (TextUtils.isEmpty(url.getHost())) {
            MethodRecorder.o(2874);
            return false;
        }
        if (TextUtils.equals(AppGlobals.getPkgName(), str)) {
            MethodRecorder.o(2874);
            return false;
        }
        if (!isJsInterfaceAllowed(str2)) {
            boolean z3 = ClientConfig.get().interceptUnTrustedHost;
            Log.e(TAG, "not trusted host for: " + url + ", isIntercepted: " + z3);
            MethodRecorder.o(2874);
            return z3;
        }
        MethodRecorder.o(2874);
        return false;
    }

    private static final void trackCatchUrl(String str) {
        MethodRecorder.i(3131);
        String str2 = TrackType.DevTrackActionType.DevKey.XSS_URL;
        AnalyticParams newInstance = AnalyticParams.newInstance();
        newInstance.add("url", str);
        TrackUtils.trackDevInspectEvent(str2, newInstance);
        MethodRecorder.o(3131);
    }
}
