package com.shapesecurity.salvation2;

import com.gargoylesoftware.htmlunit.protocol.javascript.JavaScriptURLConnection;
import com.google.gwt.dev.util.arg.ArgHandlerBindAddress;
import com.shapesecurity.salvation2.Directive;
import com.shapesecurity.salvation2.Directives.FrameAncestorsDirective;
import com.shapesecurity.salvation2.Directives.HostSourceDirective;
import com.shapesecurity.salvation2.Directives.PluginTypesDirective;
import com.shapesecurity.salvation2.Directives.ReportUriDirective;
import com.shapesecurity.salvation2.Directives.SandboxDirective;
import com.shapesecurity.salvation2.Directives.SourceExpressionDirective;
import com.shapesecurity.salvation2.URLs.GUID;
import com.shapesecurity.salvation2.URLs.URI;
import com.shapesecurity.salvation2.URLs.URLWithScheme;
import com.shapesecurity.salvation2.Values.Hash;
import com.shapesecurity.salvation2.Values.Host;
import com.shapesecurity.salvation2.Values.MediaType;
import com.shapesecurity.salvation2.Values.RFC7230Token;
import com.shapesecurity.salvation2.Values.Scheme;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.eclipse.jdt.internal.core.JavadocConstants;
import org.eclipse.jetty.util.URIUtil;

/* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy.class */
public class Policy {
    private PluginTypesDirective pluginTypes;
    private RFC7230Token reportTo;
    private ReportUriDirective reportUri;
    private List<NamedDirective> directives = new ArrayList();
    private SourceExpressionDirective baseUri = null;
    private boolean blockAllMixedContent = false;
    private SourceExpressionDirective formAction = null;
    private FrameAncestorsDirective frameAncestors = null;
    private SourceExpressionDirective navigateTo = null;
    private SandboxDirective sandbox = null;
    private boolean upgradeInsecureRequests = false;

    @Nonnull
    private final Map<FetchDirectiveKind, SourceExpressionDirective> fetchDirectives = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy$InlineType.class */
    public enum InlineType {
        Script(FetchDirectiveKind.ScriptSrcElem),
        ScriptAttribute(FetchDirectiveKind.ScriptSrcAttr),
        Style(FetchDirectiveKind.StyleSrcElem),
        StyleAttribute(FetchDirectiveKind.StyleSrcAttr),
        Navigation(FetchDirectiveKind.ScriptSrcElem);

        final FetchDirectiveKind effectiveDirective;

        InlineType(FetchDirectiveKind fetchDirectiveKind) {
            this.effectiveDirective = fetchDirectiveKind;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy$NamedDirective.class */
    public static class NamedDirective {
        final String name;
        final Directive directive;
        final String lowcaseName;

        private NamedDirective(String str, Directive directive) {
            this.name = str;
            this.directive = directive;
            this.lowcaseName = this.name.toLowerCase(Locale.ENGLISH);
        }
    }

    @FunctionalInterface
    /* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy$PolicyErrorConsumer.class */
    public interface PolicyErrorConsumer {
        public static final PolicyErrorConsumer ignored = (severity, str, i, i2) -> {
        };

        void add(Severity severity, String str, int i, int i2);
    }

    @FunctionalInterface
    /* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy$PolicyListErrorConsumer.class */
    public interface PolicyListErrorConsumer {
        public static final PolicyListErrorConsumer ignored = (severity, str, i, i2, i3) -> {
        };

        void add(Severity severity, String str, int i, int i2, int i3);
    }

    /* loaded from: input_file:gwt-2.10.1/gwt-dev.jar:com/shapesecurity/salvation2/Policy$Severity.class */
    public enum Severity {
        Info,
        Warning,
        Error
    }

    private Policy() {
    }

    @Nonnull
    public static PolicyList parseSerializedCSPList(String str, PolicyListErrorConsumer policyListErrorConsumer) {
        enforceAscii(str);
        ArrayList arrayList = new ArrayList();
        int[] iArr = {0};
        PolicyErrorConsumer policyErrorConsumer = (severity, str2, i, i2) -> {
            policyListErrorConsumer.add(severity, str2, iArr[0], i, i2);
        };
        for (String str3 : str.split(",")) {
            Policy parseSerializedCSP = parseSerializedCSP(str3, policyErrorConsumer);
            if (parseSerializedCSP.directives.isEmpty()) {
                iArr[0] = iArr[0] + 1;
            } else {
                arrayList.add(parseSerializedCSP);
                iArr[0] = iArr[0] + 1;
            }
        }
        return new PolicyList(arrayList);
    }

    @Nonnull
    public static Policy parseSerializedCSP(String str, PolicyErrorConsumer policyErrorConsumer) {
        enforceAscii(str);
        if (str.contains(",")) {
            throw new IllegalArgumentException("Serialized CSPs cannot contain commas - you may have wanted parseSerializedCSPList");
        }
        int[] iArr = {0};
        Directive.DirectiveErrorConsumer directiveErrorConsumer = (severity, str2, i) -> {
            policyErrorConsumer.add(severity, str2, iArr[0], i);
        };
        Policy policy = new Policy();
        for (String str3 : str.split(";")) {
            String stripTrailingWhitespace = stripTrailingWhitespace(stripLeadingWhitespace(str3));
            if (stripTrailingWhitespace.isEmpty()) {
                iArr[0] = iArr[0] + 1;
            } else {
                String collect = collect(stripTrailingWhitespace, "[^'" + Constants.WHITESPACE_CHARS + "]+");
                policy.add(collect, Utils.splitOnAsciiWhitespace(stripTrailingWhitespace.substring(collect.length())), directiveErrorConsumer);
                iArr[0] = iArr[0] + 1;
            }
        }
        return policy;
    }

    public Directive add(String str, List<String> list, Directive.DirectiveErrorConsumer directiveErrorConsumer) {
        Directive directive;
        enforceAscii(str);
        if (Directive.containsNonDirectiveCharacter.test(str)) {
            throw new IllegalArgumentException("directive names must not contain whitespace, ',', or ';'");
        }
        if (str.isEmpty()) {
            throw new IllegalArgumentException("directive names must not be empty");
        }
        boolean z = false;
        String lowerCase = str.toLowerCase(Locale.ENGLISH);
        boolean z2 = -1;
        switch (lowerCase.hashCode()) {
            case -1722650512:
                if (lowerCase.equals("base-uri")) {
                    z2 = false;
                    break;
                }
                break;
            case -1338435424:
                if (lowerCase.equals("frame-ancestors")) {
                    z2 = 3;
                    break;
                }
                break;
            case -353376844:
                if (lowerCase.equals("report-to")) {
                    z2 = 6;
                    break;
                }
                break;
            case 620456287:
                if (lowerCase.equals("plugin-types")) {
                    z2 = 5;
                    break;
                }
                break;
            case 1140616228:
                if (lowerCase.equals("upgrade-insecure-requests")) {
                    z2 = 9;
                    break;
                }
                break;
            case 1400557627:
                if (lowerCase.equals("block-all-mixed-content")) {
                    z2 = true;
                    break;
                }
                break;
            case 1865400007:
                if (lowerCase.equals("sandbox")) {
                    z2 = 8;
                    break;
                }
                break;
            case 1907912791:
                if (lowerCase.equals("navigate-to")) {
                    z2 = 4;
                    break;
                }
                break;
            case 1930220883:
                if (lowerCase.equals("report-uri")) {
                    z2 = 7;
                    break;
                }
                break;
            case 2012788575:
                if (lowerCase.equals("form-action")) {
                    z2 = 2;
                    break;
                }
                break;
        }
        switch (z2) {
            case false:
                SourceExpressionDirective sourceExpressionDirective = new SourceExpressionDirective(list, directiveErrorConsumer);
                if (this.baseUri == null) {
                    this.baseUri = sourceExpressionDirective;
                } else {
                    z = true;
                }
                directive = sourceExpressionDirective;
                break;
            case true:
                if (this.blockAllMixedContent) {
                    z = true;
                } else {
                    if (!list.isEmpty()) {
                        directiveErrorConsumer.add(Severity.Error, "The block-all-mixed-content directive does not support values", 0);
                    }
                    this.blockAllMixedContent = true;
                }
                directive = new Directive(list);
                break;
            case true:
                SourceExpressionDirective sourceExpressionDirective2 = new SourceExpressionDirective(list, directiveErrorConsumer);
                if (this.formAction == null) {
                    this.formAction = sourceExpressionDirective2;
                } else {
                    z = true;
                }
                directive = sourceExpressionDirective2;
                break;
            case true:
                FrameAncestorsDirective frameAncestorsDirective = new FrameAncestorsDirective(list, directiveErrorConsumer);
                if (this.frameAncestors == null) {
                    this.frameAncestors = frameAncestorsDirective;
                } else {
                    z = true;
                }
                directive = frameAncestorsDirective;
                break;
            case true:
                SourceExpressionDirective sourceExpressionDirective3 = new SourceExpressionDirective(list, directiveErrorConsumer);
                if (this.navigateTo == null) {
                    this.navigateTo = sourceExpressionDirective3;
                } else {
                    z = true;
                }
                directive = sourceExpressionDirective3;
                break;
            case true:
                PluginTypesDirective pluginTypesDirective = new PluginTypesDirective(list, directiveErrorConsumer);
                if (this.pluginTypes == null) {
                    this.pluginTypes = pluginTypesDirective;
                } else {
                    z = true;
                }
                directive = pluginTypesDirective;
                break;
            case true:
                if (this.reportTo != null) {
                    z = true;
                } else if (list.size() == 0) {
                    directiveErrorConsumer.add(Severity.Error, "The report-to directive requires a value", -1);
                } else if (list.size() == 1) {
                    String str2 = list.get(0);
                    Optional<RFC7230Token> parseRFC7230Token = RFC7230Token.parseRFC7230Token(str2);
                    if (parseRFC7230Token.isPresent()) {
                        this.reportTo = parseRFC7230Token.get();
                    } else {
                        directiveErrorConsumer.add(Severity.Error, "Expecting RFC 7230 token but found \"" + str2 + JavadocConstants.ANCHOR_PREFIX_END, 0);
                    }
                } else {
                    directiveErrorConsumer.add(Severity.Error, "The report-to directive requires exactly one value (found " + list.size() + ")", 1);
                }
                directive = new Directive(list);
                break;
            case true:
                directiveErrorConsumer.add(Severity.Warning, "The report-uri directive has ben deprecated in favor of the new report-to directive", -1);
                ReportUriDirective reportUriDirective = new ReportUriDirective(list, directiveErrorConsumer);
                if (this.reportUri == null) {
                    this.reportUri = reportUriDirective;
                } else {
                    z = true;
                }
                directive = reportUriDirective;
                break;
            case true:
                SandboxDirective sandboxDirective = new SandboxDirective(list, directiveErrorConsumer);
                if (this.sandbox == null) {
                    this.sandbox = sandboxDirective;
                } else {
                    z = true;
                }
                directive = sandboxDirective;
                break;
            case true:
                if (this.upgradeInsecureRequests) {
                    z = true;
                } else {
                    if (!list.isEmpty()) {
                        directiveErrorConsumer.add(Severity.Error, "The upgrade-insecure-requests directive does not support values", 0);
                    }
                    this.upgradeInsecureRequests = true;
                }
                directive = new Directive(list);
                break;
            default:
                FetchDirectiveKind fromString = FetchDirectiveKind.fromString(lowerCase);
                if (fromString == null) {
                    directiveErrorConsumer.add(Severity.Warning, "Unrecognized directive " + lowerCase, -1);
                    directive = new Directive(list);
                    break;
                } else {
                    SourceExpressionDirective sourceExpressionDirective4 = new SourceExpressionDirective(list, directiveErrorConsumer);
                    if (this.fetchDirectives.containsKey(fromString)) {
                        z = true;
                    } else {
                        this.fetchDirectives.put(fromString, sourceExpressionDirective4);
                    }
                    directive = sourceExpressionDirective4;
                    break;
                }
        }
        this.directives.add(new NamedDirective(str, directive));
        if (z) {
            directiveErrorConsumer.add(Severity.Warning, "Duplicate directive " + lowerCase, -1);
        }
        return directive;
    }

    public boolean remove(String str) {
        boolean z = false;
        String lowerCase = str.toLowerCase(Locale.ENGLISH);
        ArrayList arrayList = new ArrayList(this.directives.size());
        for (NamedDirective namedDirective : this.directives) {
            if (namedDirective.lowcaseName.equals(lowerCase)) {
                z = true;
            } else {
                arrayList.add(namedDirective);
            }
        }
        if (!z) {
            return false;
        }
        this.directives = arrayList;
        boolean z2 = -1;
        switch (lowerCase.hashCode()) {
            case -1722650512:
                if (lowerCase.equals("base-uri")) {
                    z2 = false;
                    break;
                }
                break;
            case -1338435424:
                if (lowerCase.equals("frame-ancestors")) {
                    z2 = 3;
                    break;
                }
                break;
            case -353376844:
                if (lowerCase.equals("report-to")) {
                    z2 = 6;
                    break;
                }
                break;
            case 620456287:
                if (lowerCase.equals("plugin-types")) {
                    z2 = 5;
                    break;
                }
                break;
            case 1140616228:
                if (lowerCase.equals("upgrade-insecure-requests")) {
                    z2 = 9;
                    break;
                }
                break;
            case 1400557627:
                if (lowerCase.equals("block-all-mixed-content")) {
                    z2 = true;
                    break;
                }
                break;
            case 1865400007:
                if (lowerCase.equals("sandbox")) {
                    z2 = 8;
                    break;
                }
                break;
            case 1907912791:
                if (lowerCase.equals("navigate-to")) {
                    z2 = 4;
                    break;
                }
                break;
            case 1930220883:
                if (lowerCase.equals("report-uri")) {
                    z2 = 7;
                    break;
                }
                break;
            case 2012788575:
                if (lowerCase.equals("form-action")) {
                    z2 = 2;
                    break;
                }
                break;
        }
        switch (z2) {
            case false:
                this.baseUri = null;
                return true;
            case true:
                this.blockAllMixedContent = false;
                return true;
            case true:
                this.formAction = null;
                return true;
            case true:
                this.frameAncestors = null;
                return true;
            case true:
                this.navigateTo = null;
                return true;
            case true:
                this.pluginTypes = null;
                return true;
            case true:
                this.reportTo = null;
                return true;
            case true:
                this.reportUri = null;
                return true;
            case true:
                this.sandbox = null;
                return true;
            case true:
                this.upgradeInsecureRequests = false;
                return true;
            default:
                FetchDirectiveKind fromString = FetchDirectiveKind.fromString(lowerCase);
                if (fromString == null) {
                    return true;
                }
                this.fetchDirectives.remove(fromString);
                return true;
        }
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (NamedDirective namedDirective : this.directives) {
            if (!z) {
                sb.append("; ");
            }
            z = false;
            sb.append(namedDirective.name);
            for (String str : namedDirective.directive.getValues()) {
                sb.append(' ');
                sb.append(str);
            }
        }
        return sb.toString();
    }

    public Optional<SourceExpressionDirective> baseUri() {
        return Optional.ofNullable(this.baseUri);
    }

    public boolean blockAllMixedContent() {
        return this.blockAllMixedContent;
    }

    public void setBlockAllMixedContent(boolean z) {
        if (this.blockAllMixedContent) {
            if (z) {
                return;
            }
            remove("block-all-mixed-content");
        } else if (z) {
            this.blockAllMixedContent = true;
            this.directives.add(new NamedDirective("block-all-mixed-content", new Directive(Collections.emptyList())));
        }
    }

    public Optional<SourceExpressionDirective> formAction() {
        return Optional.ofNullable(this.formAction);
    }

    public Optional<FrameAncestorsDirective> frameAncestors() {
        return Optional.ofNullable(this.frameAncestors);
    }

    public Optional<SourceExpressionDirective> navigateTo() {
        return Optional.ofNullable(this.navigateTo);
    }

    public Optional<PluginTypesDirective> pluginTypes() {
        return Optional.ofNullable(this.pluginTypes);
    }

    public Optional<RFC7230Token> reportTo() {
        return Optional.ofNullable(this.reportTo);
    }

    public void setReportTo(RFC7230Token rFC7230Token) {
        if (rFC7230Token == null) {
            remove("report-to");
            return;
        }
        boolean z = false;
        Iterator<NamedDirective> it = this.directives.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            NamedDirective next = it.next();
            if (next.lowcaseName.equals("report-to")) {
                next.directive.values = new ArrayList();
                next.directive.addValue(rFC7230Token.value);
                z = true;
                break;
            }
        }
        if (!z) {
            this.directives.add(new NamedDirective("report-to", new Directive(Collections.singletonList(rFC7230Token.value))));
        }
        this.reportTo = rFC7230Token;
    }

    public Optional<ReportUriDirective> reportUri() {
        return Optional.ofNullable(this.reportUri);
    }

    public Optional<SandboxDirective> sandbox() {
        return Optional.ofNullable(this.sandbox);
    }

    public boolean upgradeInsecureRequests() {
        return this.upgradeInsecureRequests;
    }

    public void setUpgradeInsecureRequests(boolean z) {
        if (this.upgradeInsecureRequests) {
            if (z) {
                return;
            }
            remove("upgrade-insecure-requests");
        } else if (z) {
            this.upgradeInsecureRequests = true;
            this.directives.add(new NamedDirective("upgrade-insecure-requests", new Directive(Collections.emptyList())));
        }
    }

    public Optional<SourceExpressionDirective> getFetchDirective(FetchDirectiveKind fetchDirectiveKind) {
        return Optional.ofNullable(this.fetchDirectives.get(fetchDirectiveKind));
    }

    public boolean allowsExternalScript(Optional<String> optional, Optional<String> optional2, Optional<URLWithScheme> optional3, Optional<Boolean> optional4, Optional<URLWithScheme> optional5) {
        if (this.sandbox != null && !this.sandbox.allowScripts()) {
            return false;
        }
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.ScriptSrcElem).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            String str = optional.get();
            if (str.length() > 0 && orElse.getNonces().stream().anyMatch(nonce -> {
                return nonce.base64ValuePart.equals(str);
            })) {
                return true;
            }
        }
        if (optional2.isPresent() && !orElse.getHashes().isEmpty()) {
            boolean z = true;
            boolean z2 = false;
            Iterator<String> it = Utils.splitOnAsciiWhitespace(optional2.get()).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Optional<Hash> parseHash = Hash.parseHash("'" + it.next() + "'");
                if (parseHash.isPresent()) {
                    if (!orElse.getHashes().contains(parseHash.get())) {
                        z = false;
                        break;
                    }
                    z2 = true;
                }
            }
            if (z2 && z) {
                return true;
            }
        }
        if (orElse.strictDynamic()) {
            return !optional4.orElse(true).booleanValue();
        }
        if (optional3.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional3.get(), orElse, optional5);
        }
        return false;
    }

    public boolean allowsInlineScript(Optional<String> optional, Optional<String> optional2, Optional<Boolean> optional3) {
        if (this.sandbox == null || this.sandbox.allowScripts()) {
            return doesElementMatchSourceListForTypeAndSource(InlineType.Script, optional, optional2, optional3);
        }
        return false;
    }

    public boolean allowsScriptAsAttribute(Optional<String> optional) {
        if (this.sandbox == null || this.sandbox.allowScripts()) {
            return doesElementMatchSourceListForTypeAndSource(InlineType.ScriptAttribute, Optional.empty(), optional, Optional.empty());
        }
        return false;
    }

    public boolean allowsEval() {
        SourceExpressionDirective sourceExpressionDirective = this.fetchDirectives.get(this.fetchDirectives.containsKey(FetchDirectiveKind.ScriptSrc) ? FetchDirectiveKind.ScriptSrc : FetchDirectiveKind.DefaultSrc);
        return sourceExpressionDirective == null || sourceExpressionDirective.unsafeEval();
    }

    public boolean allowsNavigation(Optional<URLWithScheme> optional, Optional<Boolean> optional2, Optional<URLWithScheme> optional3, Optional<URLWithScheme> optional4) {
        if (this.navigateTo == null) {
            return true;
        }
        if (!this.navigateTo.unsafeAllowRedirects()) {
            return optional.isPresent() && doesUrlMatchSourceListInOrigin(optional.get(), this.navigateTo, optional4);
        }
        if (!optional2.orElse(false).booleanValue() && (!optional.isPresent() || !doesUrlMatchSourceListInOrigin(optional.get(), this.navigateTo, optional4))) {
            return false;
        }
        if (optional2.orElse(true).booleanValue()) {
            return optional3.isPresent() && doesUrlMatchSourceListInOrigin(optional3.get(), this.navigateTo, optional4);
        }
        return true;
    }

    public boolean allowsFormAction(Optional<URLWithScheme> optional, Optional<Boolean> optional2, Optional<URLWithScheme> optional3, Optional<URLWithScheme> optional4) {
        if (this.sandbox == null || this.sandbox.allowForms()) {
            return this.formAction != null ? optional.isPresent() && doesUrlMatchSourceListInOrigin(optional.get(), this.formAction, optional4) : allowsNavigation(optional, optional2, optional3, optional4);
        }
        return false;
    }

    public boolean allowsJavascriptUrlNavigation(Optional<String> optional, Optional<URLWithScheme> optional2) {
        return allowsNavigation(Optional.of(new GUID("javascript", optional.orElse(""))), Optional.of(false), Optional.empty(), optional2) && doesElementMatchSourceListForTypeAndSource(InlineType.Navigation, Optional.empty(), optional.map(str -> {
            return JavaScriptURLConnection.JAVASCRIPT_PREFIX + str;
        }), Optional.of(false));
    }

    public boolean allowsExternalStyle(Optional<String> optional, Optional<URLWithScheme> optional2, Optional<URLWithScheme> optional3) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.StyleSrcElem).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            String str = optional.get();
            if (str.length() > 0 && orElse.getNonces().stream().anyMatch(nonce -> {
                return nonce.base64ValuePart.equals(str);
            })) {
                return true;
            }
        }
        if (optional2.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional2.get(), orElse, optional3);
        }
        return false;
    }

    public boolean allowsInlineStyle(Optional<String> optional, Optional<String> optional2) {
        return doesElementMatchSourceListForTypeAndSource(InlineType.Style, optional, optional2, Optional.empty());
    }

    public boolean allowsStyleAsAttribute(Optional<String> optional) {
        return doesElementMatchSourceListForTypeAndSource(InlineType.StyleAttribute, Optional.empty(), optional, Optional.empty());
    }

    public boolean allowsFrame(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.FrameSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsFrameAncestor(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        if (this.frameAncestors == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), this.frameAncestors, optional2);
        }
        return false;
    }

    public boolean allowsConnection(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.ConnectSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (!optional.isPresent()) {
            return false;
        }
        URLWithScheme uRLWithScheme = optional.get();
        String str = uRLWithScheme.scheme;
        URLWithScheme uRLWithScheme2 = uRLWithScheme;
        if (uRLWithScheme instanceof URI) {
            if (str.equals("ws")) {
                uRLWithScheme2 = new URI("http", uRLWithScheme.host, uRLWithScheme.port.intValue(), uRLWithScheme.path);
            } else if (str.equals("wss")) {
                uRLWithScheme2 = new URI(URIUtil.HTTPS, uRLWithScheme.host, uRLWithScheme.port.intValue(), uRLWithScheme.path);
            }
        }
        return doesUrlMatchSourceListInOrigin(uRLWithScheme2, orElse, optional2);
    }

    public boolean allowsFont(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.FontSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsImage(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.ImgSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsApplicationManifest(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.ManifestSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsMedia(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.MediaSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsObject(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.ObjectSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsPrefetch(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.PrefetchSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsWorker(Optional<URLWithScheme> optional, Optional<URLWithScheme> optional2) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind.WorkerSrc).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (optional.isPresent()) {
            return doesUrlMatchSourceListInOrigin(optional.get(), orElse, optional2);
        }
        return false;
    }

    public boolean allowsPlugin(Optional<MediaType> optional) {
        if (this.pluginTypes == null) {
            return true;
        }
        if (optional.isPresent()) {
            return this.pluginTypes.getMediaTypes().contains(optional.get());
        }
        return false;
    }

    public Optional<SourceExpressionDirective> getGoverningDirectiveForEffectiveDirective(FetchDirectiveKind fetchDirectiveKind) {
        for (FetchDirectiveKind fetchDirectiveKind2 : FetchDirectiveKind.getFetchDirectiveFallbackList(fetchDirectiveKind)) {
            SourceExpressionDirective sourceExpressionDirective = this.fetchDirectives.get(fetchDirectiveKind2);
            if (sourceExpressionDirective != null) {
                return Optional.of(sourceExpressionDirective);
            }
        }
        return Optional.empty();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:44:0x010d. Please report as an issue. */
    private boolean doesElementMatchSourceListForTypeAndSource(InlineType inlineType, Optional<String> optional, Optional<String> optional2, Optional<Boolean> optional3) {
        SourceExpressionDirective orElse = getGoverningDirectiveForEffectiveDirective(inlineType.effectiveDirective).orElse(null);
        if (orElse == null) {
            return true;
        }
        if (orElse.getNonces().isEmpty() && orElse.getHashes().isEmpty() && !((inlineType == InlineType.Script || inlineType == InlineType.ScriptAttribute || inlineType == InlineType.Navigation) && orElse.strictDynamic()) && orElse.unsafeInline()) {
            return true;
        }
        if (optional.isPresent()) {
            String str = optional.get();
            if (str.length() > 0 && orElse.getNonces().stream().anyMatch(nonce -> {
                return nonce.base64ValuePart.equals(str);
            })) {
                return true;
            }
        }
        if (optional2.isPresent() && !orElse.getHashes().isEmpty() && (inlineType == InlineType.Script || inlineType == InlineType.Style || orElse.unsafeHashes())) {
            byte[] bytes = optional2.get().getBytes(StandardCharsets.UTF_8);
            Base64.Encoder encoder = Base64.getEncoder();
            String str2 = null;
            String str3 = null;
            String str4 = null;
            try {
                for (Hash hash : orElse.getHashes()) {
                    switch (hash.algorithm) {
                        case SHA256:
                            if (str2 == null) {
                                str2 = encoder.encodeToString(MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256).digest(bytes));
                            }
                            if (str2.equals(normalizeBase64Url(hash.base64ValuePart))) {
                                return true;
                            }
                        case SHA384:
                            if (str3 == null) {
                                str3 = encoder.encodeToString(MessageDigest.getInstance(MessageDigestAlgorithms.SHA_384).digest(bytes));
                            }
                            if (str3.equals(normalizeBase64Url(hash.base64ValuePart))) {
                                return true;
                            }
                        case SHA512:
                            if (str4 == null) {
                                str4 = encoder.encodeToString(MessageDigest.getInstance(MessageDigestAlgorithms.SHA_512).digest(bytes));
                            }
                            if (str4.equals(normalizeBase64Url(hash.base64ValuePart))) {
                                return true;
                            }
                        default:
                            throw new IllegalArgumentException("Unknown hash algorithm " + hash.algorithm);
                    }
                }
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }
        return inlineType == InlineType.Script && orElse.strictDynamic() && !optional3.orElse(true).booleanValue();
    }

    private static String normalizeBase64Url(String str) {
        return str.replace('-', '+').replace('_', '/');
    }

    public static boolean doesUrlMatchSourceListInOrigin(URLWithScheme uRLWithScheme, HostSourceDirective hostSourceDirective, Optional<URLWithScheme> optional) {
        String str = uRLWithScheme.scheme;
        if (hostSourceDirective.star()) {
            if (Objects.equals(str, "ftp") || Objects.equals(str, "http") || Objects.equals(str, URIUtil.HTTPS)) {
                return true;
            }
            if (optional.isPresent() && Objects.equals(str, optional.get().scheme)) {
                return true;
            }
        }
        Iterator<Scheme> it = hostSourceDirective.getSchemes().iterator();
        while (it.hasNext()) {
            if (schemePartMatches(it.next().value, str)) {
                return true;
            }
        }
        for (Host host : hostSourceDirective.getHosts()) {
            String str2 = host.scheme;
            if (str2 != null) {
                if (!schemePartMatches(str2, str)) {
                    continue;
                } else if (uRLWithScheme.host != null && hostPartMatches(host.host, uRLWithScheme.host) && portPartMatches(host.port, uRLWithScheme.port.intValue(), str) && pathPartMatches(host.path, uRLWithScheme.path)) {
                    return true;
                }
            } else if (optional.isPresent() && schemePartMatches(optional.get().scheme, str)) {
                if (uRLWithScheme.host != null) {
                    return true;
                }
                continue;
            }
        }
        if (!hostSourceDirective.self() || !optional.isPresent()) {
            return false;
        }
        URLWithScheme uRLWithScheme2 = optional.get();
        String str3 = uRLWithScheme2.scheme;
        if (!Objects.equals(uRLWithScheme2.host, uRLWithScheme.host)) {
            return false;
        }
        if (!Objects.equals(uRLWithScheme2.port, uRLWithScheme.port) && (!Objects.equals(uRLWithScheme2.port, Integer.valueOf(URI.defaultPortForProtocol(str3))) || !Objects.equals(uRLWithScheme.port, Integer.valueOf(URI.defaultPortForProtocol(str))))) {
            return false;
        }
        if (str.equals(URIUtil.HTTPS) || str.equals("wss")) {
            return true;
        }
        if (str3.equals("http")) {
            return str.equals("http") || str.equals("ws");
        }
        return false;
    }

    private static boolean schemePartMatches(String str, String str2) {
        return str.equals(str2) || (str.equals("http") && str2.equals(URIUtil.HTTPS)) || ((str.equals("ws") && (str2.equals("wss") || str2.equals("http") || str2.equals(URIUtil.HTTPS))) || (str.equals("wss") && str2.equals(URIUtil.HTTPS)));
    }

    private static boolean hostPartMatches(String str, String str2) {
        if (str.startsWith("*")) {
            return str2.toLowerCase(Locale.ENGLISH).endsWith(str.substring(1).toLowerCase(Locale.ENGLISH));
        }
        if (str.equalsIgnoreCase(str2)) {
            return ((Constants.IPv4address.matcher(str).find() && !str.equals(ArgHandlerBindAddress.DEFAULT_BIND_ADDRESS)) || Constants.IPv6addressWithOptionalBracket.matcher(str).find() || Constants.IPV6loopback.matcher(str).find()) ? false : true;
        }
        return false;
    }

    private static boolean portPartMatches(int i, int i2, String str) {
        if (i == -1) {
            return i2 == URI.defaultPortForProtocol(str);
        }
        if (i == -200 || i == i2) {
            return true;
        }
        return i2 == -1 && i == URI.defaultPortForProtocol(str);
    }

    private static boolean pathPartMatches(String str, String str2) {
        if (str == null) {
            str = "";
        }
        if (str2 == null) {
            str2 = "";
        }
        if (str.isEmpty()) {
            return true;
        }
        if (str.equals("/") && str2.isEmpty()) {
            return true;
        }
        boolean z = !str.endsWith("/");
        List<String> strictlySplit = Utils.strictlySplit(str, '/');
        List<String> strictlySplit2 = Utils.strictlySplit(str2, '/');
        if (strictlySplit.size() > strictlySplit2.size()) {
            return false;
        }
        if (z && strictlySplit.size() != strictlySplit2.size()) {
            return false;
        }
        if (!z) {
            strictlySplit.remove(strictlySplit.size() - 1);
        }
        Iterator<String> it = strictlySplit.iterator();
        Iterator<String> it2 = strictlySplit2.iterator();
        while (it.hasNext()) {
            if (!Utils.decodeString(it.next()).equals(Utils.decodeString(it2.next()))) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void enforceAscii(String str) {
        if (!StandardCharsets.US_ASCII.newEncoder().canEncode(str)) {
            throw new IllegalArgumentException("string is not ascii: \"" + str + JavadocConstants.ANCHOR_PREFIX_END);
        }
    }

    private static String stripLeadingWhitespace(String str) {
        return str.replaceFirst("^[" + Constants.WHITESPACE_CHARS + "]+", "");
    }

    private static String stripTrailingWhitespace(String str) {
        return str.replaceAll("[" + Constants.WHITESPACE_CHARS + "]+$", "");
    }

    @Nonnull
    private static String collect(String str, String str2) {
        Matcher matcher = Pattern.compile(str2).matcher(str);
        return (matcher.find() && matcher.start() == 0) ? str.substring(0, matcher.end()) : "";
    }
}
