package org.apache.jackrabbit.webdav.util;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.apache.commons.httpclient.methods.MultipartPostMethod;
import org.apache.commons.httpclient.methods.multipart.StringPart;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class CSRFUtil {
    public static final String DISABLED = "disabled";
    private final Set<String> allowedReferrerHosts;
    private final boolean disabled;
    public static final Set<String> CONTENT_TYPES = Collections.unmodifiableSet(new HashSet(Arrays.asList("application/x-www-form-urlencoded", MultipartPostMethod.MULTIPART_FORM_CONTENT_TYPE, StringPart.DEFAULT_CONTENT_TYPE)));
    private static final Logger log = LoggerFactory.getLogger(CSRFUtil.class);

    public CSRFUtil(String str) {
        if (str == null || str.length() == 0) {
            this.disabled = false;
            this.allowedReferrerHosts = Collections.emptySet();
            log.debug("CSRF protection disabled");
            return;
        }
        if (DISABLED.equalsIgnoreCase(str.trim())) {
            this.disabled = true;
            this.allowedReferrerHosts = Collections.emptySet();
        } else {
            this.disabled = false;
            String[] split = str.split(",");
            this.allowedReferrerHosts = new HashSet(split.length);
            for (String str2 : split) {
                this.allowedReferrerHosts.add(str2.trim());
            }
        }
        log.debug("CSRF protection enabled, allowed referrers: " + this.allowedReferrerHosts);
    }

    /* JADX WARN: Code restructure failed: missing block: B:39:0x009f, code lost:
    
        org.apache.jackrabbit.webdav.util.CSRFUtil.log.debug("POST with content type " + r2 + " blocked due to referer header field being: " + r0);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean isValidRequest(javax.servlet.http.HttpServletRequest r8) {
        /*
            r7 = this;
            boolean r0 = r7.disabled
            r1 = 1
            if (r0 == 0) goto L6
            return r1
        L6:
            java.lang.String r0 = r8.getMethod()
            java.lang.String r2 = "POST"
            boolean r0 = r2.equals(r0)
            if (r0 != 0) goto L13
            return r1
        L13:
            java.lang.String r0 = "Content-Type"
            java.util.Enumeration r0 = r8.getHeaders(r0)
            r2 = 0
            r3 = 0
            if (r0 == 0) goto L3f
            boolean r4 = r0.hasMoreElements()
            if (r4 == 0) goto L3f
            java.lang.Object r2 = r0.nextElement()
            java.lang.String r2 = (java.lang.String) r2
            r4 = 59
            int r4 = r2.indexOf(r4)
            if (r4 < 0) goto L35
            java.lang.String r2 = r2.substring(r3, r4)
        L35:
            java.lang.String r2 = r2.trim()
            java.util.Locale r4 = java.util.Locale.ENGLISH
            java.lang.String r2 = r2.toLowerCase(r4)
        L3f:
            if (r0 == 0) goto L4f
            boolean r0 = r0.hasMoreElements()
            if (r0 == 0) goto L4f
            org.slf4j.Logger r8 = org.apache.jackrabbit.webdav.util.CSRFUtil.log
            java.lang.String r0 = "request blocked because there were multiple content-type header fields"
            r8.debug(r0)
            return r3
        L4f:
            if (r2 == 0) goto L5a
            java.util.Set<java.lang.String> r0 = org.apache.jackrabbit.webdav.util.CSRFUtil.CONTENT_TYPES
            boolean r0 = r0.contains(r2)
            if (r0 != 0) goto L5a
            return r1
        L5a:
            java.lang.String r0 = "Referer"
            java.lang.String r0 = r8.getHeader(r0)
            java.lang.String r4 = "POST with content type "
            if (r0 != 0) goto L7e
            org.slf4j.Logger r8 = org.apache.jackrabbit.webdav.util.CSRFUtil.log
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            r0.<init>()
            r0.append(r4)
            r0.append(r2)
            java.lang.String r1 = " blocked due to missing referer header field"
            r0.append(r1)
            java.lang.String r0 = r0.toString()
            r8.debug(r0)
            return r3
        L7e:
            java.net.URI r5 = new java.net.URI     // Catch: java.net.URISyntaxException -> Lbc
            r5.<init>(r0)     // Catch: java.net.URISyntaxException -> Lbc
            java.lang.String r5 = r5.getHost()     // Catch: java.net.URISyntaxException -> Lbc
            if (r5 == 0) goto L9d
            java.lang.String r8 = r8.getServerName()     // Catch: java.net.URISyntaxException -> Lbc
            boolean r8 = r5.equals(r8)     // Catch: java.net.URISyntaxException -> Lbc
            if (r8 != 0) goto L9d
            java.util.Set<java.lang.String> r8 = r7.allowedReferrerHosts     // Catch: java.net.URISyntaxException -> Lbc
            boolean r8 = r8.contains(r5)     // Catch: java.net.URISyntaxException -> Lbc
            if (r8 == 0) goto L9c
            goto L9d
        L9c:
            r1 = 0
        L9d:
            if (r1 != 0) goto Lbb
            org.slf4j.Logger r8 = org.apache.jackrabbit.webdav.util.CSRFUtil.log     // Catch: java.net.URISyntaxException -> Lbc
            java.lang.StringBuilder r5 = new java.lang.StringBuilder     // Catch: java.net.URISyntaxException -> Lbc
            r5.<init>()     // Catch: java.net.URISyntaxException -> Lbc
            r5.append(r4)     // Catch: java.net.URISyntaxException -> Lbc
            r5.append(r2)     // Catch: java.net.URISyntaxException -> Lbc
            java.lang.String r6 = " blocked due to referer header field being: "
            r5.append(r6)     // Catch: java.net.URISyntaxException -> Lbc
            r5.append(r0)     // Catch: java.net.URISyntaxException -> Lbc
            java.lang.String r5 = r5.toString()     // Catch: java.net.URISyntaxException -> Lbc
            r8.debug(r5)     // Catch: java.net.URISyntaxException -> Lbc
        Lbb:
            return r1
        Lbc:
            org.slf4j.Logger r8 = org.apache.jackrabbit.webdav.util.CSRFUtil.log
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>()
            r1.append(r4)
            r1.append(r2)
            java.lang.String r2 = " blocked due to malformed referer header field: "
            r1.append(r2)
            r1.append(r0)
            java.lang.String r0 = r1.toString()
            r8.debug(r0)
            return r3
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.jackrabbit.webdav.util.CSRFUtil.isValidRequest(javax.servlet.http.HttpServletRequest):boolean");
    }
}
