package blackboard.util;

import blackboard.base.IFactory;
import blackboard.base.SingletonFactory;
import blackboard.persist.course.impl.CourseMembershipXmlDef_Bb5x;
import blackboard.platform.config.BbConfig;
import blackboard.platform.config.ConfigurationServiceFactory;
import blackboard.platform.security.UrlParameterLock;
import blackboard.platform.security.event.SecurityEvent;
import blackboard.platform.security.event.SecurityEventManager;
import blackboard.platform.security.event.codes.SecurityEventCode;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:blackboard/util/HostUtil.class */
public class HostUtil {
    public static final IFactory<HostUtil> Factory = SingletonFactory.getFactory(new HostUtil());
    private static final String REQUEST_METHOD = "HEAD";
    private static final String X_FRAME_OPTIONS = "X-Frame-Options";
    private static final String SAMEORIGIN = "SAMEORIGIN";
    private static final String DENY = "DENY";
    private static final int TIMEOUT = 1000;

    public static boolean shouldOpenInFrame(HttpServletRequest httpServletRequest, String str) {
        if (!StringUtil.notEmpty(str) || isLocalUrl(str)) {
            return true;
        }
        return (!UrlUtil.HTTPS_PROTOCOL.equalsIgnoreCase(httpServletRequest != null ? httpServletRequest.getScheme() : getProtocol()) || UrlUtil.HTTPS_PROTOCOL.equalsIgnoreCase(UrlUtil.getProtocol(str))) && canBeOpenedInFrame(str);
    }

    public static boolean canBeOpenedInFrame(String str) {
        if (isLocalUrl(str)) {
            return true;
        }
        if (!isProtocolMatching(str)) {
            return false;
        }
        try {
            return !Factory.getInstance().doXFrameOptionsDisallowFrame(str);
        } catch (Throwable th) {
            ExceptionUtil.checkForThreadDeath(th);
            return true;
        }
    }

    public static boolean isInsecureUrl(HttpServletRequest httpServletRequest, String str) {
        try {
            UrlParameterLock.getInstance().verifyUrlParameters(httpServletRequest, true);
            return false;
        } catch (NullPointerException | SecurityException e) {
            SecurityEventManager iFactory = SecurityEventManager.Factory.getInstance();
            SecurityEvent securityEvent = new SecurityEvent(iFactory.getType(SecurityEventCode.InvalidUrlRedirect), SecurityEvent.ACTION_IGNORED);
            securityEvent.setRequestParameter(CourseMembershipXmlDef_Bb5x.STR_XML_ATTR_HREF, str);
            iFactory.fireEvent(securityEvent, e);
            return true;
        }
    }

    private static boolean isLocalUrl(String str) {
        return UrlUtil.isLocal(UrlUtil.getHostName(null), str);
    }

    boolean doXFrameOptionsDisallowFrame(String str) throws IOException {
        return doXFrameOptionsDisallowFrame((HttpURLConnection) new URL(str).openConnection());
    }

    boolean doXFrameOptionsDisallowFrame(HttpURLConnection httpURLConnection) throws IOException {
        boolean z;
        try {
            httpURLConnection.setRequestMethod(REQUEST_METHOD);
            httpURLConnection.setReadTimeout(1000);
            String headerField = httpURLConnection.getHeaderField(X_FRAME_OPTIONS);
            if (!SAMEORIGIN.equalsIgnoreCase(headerField)) {
                if (!DENY.equalsIgnoreCase(headerField)) {
                    z = false;
                    return z;
                }
            }
            z = true;
            return z;
        } finally {
            httpURLConnection.disconnect();
        }
    }

    private static boolean isProtocolMatching(String str) {
        return getProtocol().equalsIgnoreCase(UrlUtil.getProtocol(str));
    }

    private static String getProtocol() {
        return ConfigurationServiceFactory.getInstance().getBbProperty(BbConfig.FRONTEND_PROTOCOL, UrlUtil.HTTPS_PROTOCOL);
    }
}
