package org.owasp.html;

import com.google.common.collect.ImmutableSet;
import javax.annotation.Nullable;
import org.apache.lucene.queryparser.ext.Extensions;
import org.apache.lucene.search.WildcardQuery;

@TCB
/* loaded from: input_file:org/owasp/html/FilterUrlByProtocolAttributePolicy.class */
public class FilterUrlByProtocolAttributePolicy implements AttributePolicy {
    private final ImmutableSet<String> protocols;
    private static String[] CONTROL_REPL = {"", "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f", "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f", "%20"};

    public FilterUrlByProtocolAttributePolicy(Iterable<? extends String> iterable) {
        this.protocols = ImmutableSet.copyOf(iterable);
    }

    @Override // org.owasp.html.AttributePolicy
    @Nullable
    public String apply(String str, String str2, String str3) {
        String stripHtmlSpaces = Strings.stripHtmlSpaces(str3);
        int i = 0;
        int length = stripHtmlSpaces.length();
        while (true) {
            if (i < length) {
                switch (stripHtmlSpaces.charAt(i)) {
                    case '#':
                    case '/':
                    case WildcardQuery.WILDCARD_CHAR /* 63 */:
                        if (stripHtmlSpaces.startsWith("//") && !allowProtocolRelativeUrls()) {
                            return null;
                        }
                        break;
                    case Extensions.DEFAULT_EXTENSION_FIELD_DELIMITER /* 58 */:
                        if (!this.protocols.contains(Strings.toLowerCase(stripHtmlSpaces.substring(0, i)))) {
                            return null;
                        }
                        break;
                    default:
                        i++;
                }
            }
        }
        return normalizeUri(stripHtmlSpaces);
    }

    protected boolean allowProtocolRelativeUrls() {
        return this.protocols.contains("http") && this.protocols.contains("https");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String normalizeUri(String str) {
        int length = str.length();
        boolean z = false;
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '#':
                case '/':
                case Extensions.DEFAULT_EXTENSION_FIELD_DELIMITER /* 58 */:
                case WildcardQuery.WILDCARD_CHAR /* 63 */:
                    z = true;
                    break;
                case '(':
                case ')':
                case '{':
                case '}':
                    return normalizeUriFrom(str, i, z);
                case 1417:
                case 1475:
                case 8758:
                case 65306:
                    if (!z) {
                        return normalizeUriFrom(str, i, false);
                    }
                    break;
                default:
                    if (charAt <= ' ') {
                        return normalizeUriFrom(str, i, false);
                    }
                    break;
            }
        }
        return str;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:21:0x007e. Please report as an issue. */
    private static String normalizeUriFrom(String str, int i, boolean z) {
        int length = str.length();
        StringBuilder sb = new StringBuilder(length + 16);
        int i2 = 0;
        for (int i3 = i; i3 < length; i3++) {
            char charAt = str.charAt(i3);
            String str2 = null;
            switch (charAt) {
                case '(':
                    str2 = "%28";
                    break;
                case ')':
                    str2 = "%29";
                    break;
                case '{':
                    str2 = "%7b";
                    break;
                case '}':
                    str2 = "%7d";
                    break;
                default:
                    if (charAt < 256 || z) {
                        if (charAt <= ' ') {
                            str2 = CONTROL_REPL[charAt];
                            break;
                        }
                    } else {
                        switch (charAt) {
                            case 1417:
                                str2 = "%d6%89";
                                break;
                            case 1475:
                                str2 = "%d7%83";
                                break;
                            case 8758:
                                str2 = "%e2%88%b6";
                                break;
                            case 65306:
                                str2 = "%ef%bc%9a";
                                break;
                        }
                    }
                    break;
            }
            if (str2 != null) {
                sb.append((CharSequence) str, i2, i3).append(str2);
                i2 = i3 + 1;
            }
        }
        return sb.append((CharSequence) str, i2, length).toString();
    }

    public boolean equals(Object obj) {
        return obj != null && getClass() == obj.getClass() && this.protocols.equals(((FilterUrlByProtocolAttributePolicy) obj).protocols);
    }

    public int hashCode() {
        return this.protocols.hashCode();
    }
}
