package com.google.caja.plugin.templates;

import com.google.caja.SomethingWidgyHappenedError;
import com.google.caja.lang.css.CssSchema;
import com.google.caja.lang.html.HTML;
import com.google.caja.lang.html.HtmlSchema;
import com.google.caja.lexer.ExternalReference;
import com.google.caja.lexer.FilePosition;
import com.google.caja.lexer.Keyword;
import com.google.caja.lexer.ParseException;
import com.google.caja.lexer.escaping.UriUtil;
import com.google.caja.parser.AncestorChain;
import com.google.caja.parser.ParseTreeNode;
import com.google.caja.parser.ParseTreeNodeContainer;
import com.google.caja.parser.ParseTreeNodeVisitor;
import com.google.caja.parser.css.CssTree;
import com.google.caja.parser.html.Nodes;
import com.google.caja.parser.js.AbstractExpression;
import com.google.caja.parser.js.ArrayConstructor;
import com.google.caja.parser.js.Block;
import com.google.caja.parser.js.Declaration;
import com.google.caja.parser.js.Expression;
import com.google.caja.parser.js.FunctionConstructor;
import com.google.caja.parser.js.Identifier;
import com.google.caja.parser.js.NullLiteral;
import com.google.caja.parser.js.Operation;
import com.google.caja.parser.js.Reference;
import com.google.caja.parser.js.Statement;
import com.google.caja.parser.js.StringLiteral;
import com.google.caja.parser.js.SyntheticNodes;
import com.google.caja.parser.quasiliteral.QuasiBuilder;
import com.google.caja.parser.quasiliteral.ReservedNames;
import com.google.caja.plugin.CssDynamicExpressionRewriter;
import com.google.caja.plugin.CssRewriter;
import com.google.caja.plugin.CssValidator;
import com.google.caja.plugin.JobEnvelope;
import com.google.caja.plugin.PluginMessageType;
import com.google.caja.plugin.PluginMeta;
import com.google.caja.plugin.UriPolicyHintKey;
import com.google.caja.plugin.UriPolicyNanny;
import com.google.caja.plugin.stages.EmbeddedContent;
import com.google.caja.reporting.MessageLevel;
import com.google.caja.reporting.MessagePart;
import com.google.caja.reporting.MessageQueue;
import com.google.caja.util.Lists;
import com.google.caja.util.Maps;
import com.google.caja.util.SyntheticAttributeKey;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.shindig.gadgets.rewrite.OsTemplateXmlLoaderRewriter;
import org.apache.shiro.config.Ini;
import org.apache.tools.ant.types.selectors.SizeSelector;
import org.w3c.dom.Attr;

/* loaded from: input_file:WEB-INF/lib/caja-r5054.jar:com/google/caja/plugin/templates/HtmlAttributeRewriter.class */
public final class HtmlAttributeRewriter {
    private final PluginMeta meta;
    private final CssSchema cssSchema;
    private final HtmlSchema htmlSchema;
    private final MessageQueue mq;
    private final Map<Attr, EmbeddedContent> attributeContent;
    private final Map<String, String> handlerCache = Maps.newHashMap();
    private final List<EventHandler> handlers = Lists.newArrayList();
    public static final SyntheticAttributeKey<String> HANDLER_NAME = new SyntheticAttributeKey<>(String.class, "handlerName");
    private static final Pattern FORBIDDEN_ID = Pattern.compile("__\\s*$");
    private static final Pattern VALID_ID = Pattern.compile("^[\\p{Alnum}_$\\-.:;=()\\[\\]]+$");

    /* loaded from: input_file:WEB-INF/lib/caja-r5054.jar:com/google/caja/plugin/templates/HtmlAttributeRewriter$AttrValue.class */
    public static abstract class AttrValue {
        final JobEnvelope env;
        final Attr src;
        final FilePosition valuePos;
        final HTML.Attribute attrInfo;

        abstract Expression getValueExpr();

        abstract String getPlainValue();

        abstract String getRawValue();

        AttrValue(JobEnvelope jobEnvelope, Attr attr, FilePosition filePosition, HTML.Attribute attribute) {
            this.env = jobEnvelope;
            this.src = attr;
            this.valuePos = filePosition;
            this.attrInfo = attribute;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/caja-r5054.jar:com/google/caja/plugin/templates/HtmlAttributeRewriter$SanitizedAttr.class */
    public static final class SanitizedAttr {
        public final boolean isSafe;
        public final Expression result;

        SanitizedAttr(boolean z, Expression expression) {
            this.isSafe = z;
            this.result = expression;
        }
    }

    public HtmlAttributeRewriter(PluginMeta pluginMeta, CssSchema cssSchema, HtmlSchema htmlSchema, Map<Attr, EmbeddedContent> map, MessageQueue messageQueue) {
        this.meta = pluginMeta;
        this.cssSchema = cssSchema;
        this.htmlSchema = htmlSchema;
        this.attributeContent = map;
        this.mq = messageQueue;
    }

    public PluginMeta getPluginMeta() {
        return this.meta;
    }

    public CssSchema getCssSchema() {
        return this.cssSchema;
    }

    public HtmlSchema getHtmlSchema() {
        return this.htmlSchema;
    }

    public List<EventHandler> getHandlers() {
        return Collections.unmodifiableList(this.handlers);
    }

    public static AttrValue fromAttr(final Attr attr, HTML.Attribute attribute, JobEnvelope jobEnvelope) {
        return new AttrValue(jobEnvelope, attr, attr.getValue() != null ? Nodes.getFilePositionForValue(attr) : FilePosition.UNKNOWN, attribute) { // from class: com.google.caja.plugin.templates.HtmlAttributeRewriter.1
            @Override // com.google.caja.plugin.templates.HtmlAttributeRewriter.AttrValue
            Expression getValueExpr() {
                return StringLiteral.valueOf(this.valuePos, getPlainValue());
            }

            @Override // com.google.caja.plugin.templates.HtmlAttributeRewriter.AttrValue
            String getPlainValue() {
                return attr.getValue();
            }

            @Override // com.google.caja.plugin.templates.HtmlAttributeRewriter.AttrValue
            String getRawValue() {
                return Nodes.getRawValue(attr);
            }
        };
    }

    public SanitizedAttr sanitizeStringValue(AttrValue attrValue) {
        Expression expression = null;
        FilePosition filePosition = attrValue.valuePos;
        String plainValue = attrValue.getPlainValue();
        switch (attrValue.attrInfo.getType()) {
            case CLASSES:
                if (!checkForbiddenIdList(plainValue, filePosition)) {
                    return noResult(attrValue);
                }
                break;
            case FRAME_TARGET:
                expression = sanitizeFrameTargetValue(attrValue);
                break;
            case LOCAL_NAME:
                if (!checkValidId(plainValue, filePosition)) {
                    return noResult(attrValue);
                }
                break;
            case GLOBAL_NAME:
            case ID:
            case IDREF:
                if (!checkValidId(plainValue, filePosition)) {
                    return noResult(attrValue);
                }
                expression = rewriteIdentifiers(filePosition, plainValue);
                break;
            case IDREFS:
                if (!checkValidIdList(plainValue, filePosition)) {
                    return noResult(attrValue);
                }
                expression = rewriteIdentifiers(filePosition, plainValue);
                break;
            case NONE:
                if (!attrValue.attrInfo.getValueCriterion().accept(plainValue)) {
                    this.mq.addMessage(IhtmlMessageType.BAD_ATTRIB, filePosition, attrValue.attrInfo.getKey().el, attrValue.attrInfo.getKey(), MessagePart.Factory.valueOf(plainValue));
                    return noResult(attrValue);
                }
                break;
            case SCRIPT:
                String str = this.handlerCache.get(plainValue);
                if (str == null) {
                    Block jsFromAttrib = jsFromAttrib(attrValue);
                    if (jsFromAttrib == null || jsFromAttrib.children().isEmpty()) {
                        return noResult(attrValue);
                    }
                    rewriteEventHandlerReferences(jsFromAttrib);
                    str = this.meta.generateUniqueName(OsTemplateXmlLoaderRewriter.Converter.CHILDREN_KEY);
                    this.handlers.add(new EventHandler(attrValue.env, (Declaration) QuasiBuilder.substV("var @handlerName = ___./*@synthetic*/markFuncFreeze(    /*@synthetic*/function (        event, thisNode___) { @body*; });", "handlerName", SyntheticNodes.s(new Identifier(FilePosition.UNKNOWN, str)), "body", new ParseTreeNodeContainer(jsFromAttrib.children()))));
                    this.handlerCache.put(plainValue, str);
                }
                FunctionConstructor functionConstructor = (FunctionConstructor) QuasiBuilder.substV("(/*@synthetic*/ function (event) {  return /*@synthetic*/ (___.plugin_dispatchEvent___(      /*@synthetic*/this, event,       ___./*@synthetic*/getId(IMPORTS___), @tail));})", "tail", new Reference(SyntheticNodes.s(new Identifier(filePosition, str))));
                functionConstructor.setFilePosition(filePosition);
                functionConstructor.getAttributes().set(HANDLER_NAME, str);
                expression = functionConstructor;
                break;
            case STYLE:
                CssTree.DeclarationGroup styleFromAttrib = styleFromAttrib(attrValue);
                if (styleFromAttrib == null || styleFromAttrib.children().isEmpty()) {
                    return noResult(attrValue);
                }
                new CssValidator(this.cssSchema, this.htmlSchema, this.mq).withInvalidNodeMessageLevel(MessageLevel.WARNING).validateCss(AncestorChain.instance(styleFromAttrib));
                new CssRewriter(this.meta.getUriPolicy(), this.cssSchema, this.mq).withInvalidNodeMessageLevel(MessageLevel.WARNING).rewrite(AncestorChain.instance(styleFromAttrib));
                new CssDynamicExpressionRewriter(this.meta).rewriteCss(styleFromAttrib);
                ArrayConstructor cssToJs = CssDynamicExpressionRewriter.cssToJs(styleFromAttrib);
                if (cssToJs.children().size() == 0) {
                    return noResult(attrValue);
                }
                if (cssToJs.children().size() != 1) {
                    throw new SomethingWidgyHappenedError("Rewriter thinks STYLE attribute should contain plugin ID");
                }
                expression = cssToJs.children().get(0);
                break;
            case URI:
                if (this.attributeContent.containsKey(attrValue.src)) {
                    Block jsFromAttrib2 = jsFromAttrib(attrValue);
                    if (jsFromAttrib2 != null && !jsFromAttrib2.children().isEmpty()) {
                        String generateUniqueName = this.meta.generateUniqueName(OsTemplateXmlLoaderRewriter.Converter.CHILDREN_KEY);
                        Identifier s = SyntheticNodes.s(new Identifier(FilePosition.UNKNOWN, generateUniqueName));
                        this.handlers.add(new EventHandler(attrValue.env, (Statement) QuasiBuilder.substV("var @handlerIndex = IMPORTS___.handlers___.push(    ___./*@synthetic*/markFuncFreeze(        /*@synthetic*/function () { @body*; })) - 1;", "handlerIndex", s, "body", new ParseTreeNodeContainer(jsFromAttrib2.children()))));
                        this.handlerCache.put(plainValue, generateUniqueName);
                        Operation operation = (Operation) QuasiBuilder.substV("'javascript:' + /*@synthetic*/encodeURIComponent(   'try{void ___.plugin_dispatchToHandler___('    + ___./*@synthetic*/getId(IMPORTS___)    + ',' + @handlerIndex + ',[{}])}catch(_){}')", "handlerIndex", new Reference(s));
                        operation.setFilePosition(filePosition);
                        operation.getAttributes().set(HANDLER_NAME, generateUniqueName);
                        expression = operation;
                        break;
                    } else {
                        return noResult(attrValue);
                    }
                } else {
                    try {
                        URI uri = new URI(UriUtil.normalizeUri(plainValue));
                        if (this.meta.getUriPolicy() == null) {
                            expression = (Expression) QuasiBuilder.substV("IMPORTS___./*@synthetic*/rewriteUriInAttribute___(    @value, @tagName, @attribName)", SizeSelector.SIZE_KEY, new StringLiteral(filePosition, uri.toString()), "tagName", new StringLiteral(filePosition, attrValue.src.getOwnerElement().getTagName()), "attribName", new StringLiteral(filePosition, attrValue.src.getName()));
                            break;
                        } else {
                            ExternalReference externalReference = new ExternalReference(uri, filePosition);
                            String apply = UriPolicyNanny.apply(this.meta.getUriPolicy(), externalReference, attrValue.attrInfo.getUriEffect(), attrValue.attrInfo.getLoaderType(), Collections.singletonMap(UriPolicyHintKey.XML_ATTR.key, attrValue.attrInfo.getKey().toString()));
                            if (apply != null) {
                                expression = StringLiteral.valueOf(externalReference.getReferencePosition(), apply);
                                break;
                            } else {
                                this.mq.addMessage(PluginMessageType.DISALLOWED_URI, filePosition, MessagePart.Factory.valueOf(uri.toString()));
                                return noResult(attrValue);
                            }
                        }
                    } catch (URISyntaxException e) {
                        this.mq.addMessage(IhtmlMessageType.MALFORMED_URI, filePosition, MessagePart.Factory.valueOf(plainValue));
                        return noResult(attrValue);
                    }
                }
            case URI_FRAGMENT:
                if (plainValue.length() >= 2 && plainValue.startsWith(Ini.COMMENT_POUND)) {
                    String substring = plainValue.substring(1);
                    if (!checkValidId(substring, filePosition)) {
                        return noResult(attrValue);
                    }
                    JsConcatenator jsConcatenator = new JsConcatenator();
                    jsConcatenator.append(FilePosition.startOf(filePosition), Ini.COMMENT_POUND);
                    rewriteIdentifiers(filePosition, substring, jsConcatenator);
                    expression = jsConcatenator.toExpression(false);
                    break;
                } else {
                    this.mq.addMessage(IhtmlMessageType.BAD_ATTRIB, filePosition, attrValue.attrInfo.getKey().el, attrValue.attrInfo.getKey(), MessagePart.Factory.valueOf(plainValue));
                    return noResult(attrValue);
                }
                break;
            default:
                throw new SomethingWidgyHappenedError(attrValue.attrInfo.getType().name());
        }
        return new SanitizedAttr(true, expression);
    }

    Expression sanitizeFrameTargetValue(AttrValue attrValue) {
        FilePosition filePosition = attrValue.valuePos;
        return (Expression) QuasiBuilder.substV("IMPORTS___./*@synthetic*/rewriteTargetAttribute___(    @value, @tagName, @attribName)", SizeSelector.SIZE_KEY, null != attrValue.src.getUserData(TemplateCompiler.ATTRIBUTE_VALUE_WAS_UNSPECIFIED) ? new NullLiteral(filePosition) : new StringLiteral(filePosition, attrValue.src.getValue()), "tagName", new StringLiteral(filePosition, attrValue.src.getOwnerElement().getTagName()), "attribName", new StringLiteral(filePosition, attrValue.attrInfo.getKey().localName));
    }

    private boolean checkForbiddenId(String str, FilePosition filePosition) {
        if (!FORBIDDEN_ID.matcher(str).find()) {
            return true;
        }
        this.mq.addMessage(IhtmlMessageType.ILLEGAL_NAME, MessageLevel.WARNING, filePosition, MessagePart.Factory.valueOf(str));
        return false;
    }

    private boolean checkForbiddenIdList(String str, FilePosition filePosition) {
        boolean z = true;
        Iterator<String> it = identifiers(str).iterator();
        while (it.hasNext()) {
            z &= checkForbiddenId(it.next(), filePosition);
        }
        return z;
    }

    private boolean checkValidId(String str, FilePosition filePosition) {
        if (!checkForbiddenId(str, filePosition)) {
            return false;
        }
        if ("".equals(str) || VALID_ID.matcher(str).find()) {
            return true;
        }
        this.mq.addMessage(IhtmlMessageType.ILLEGAL_NAME, filePosition, MessagePart.Factory.valueOf(str));
        return false;
    }

    private boolean checkValidIdList(String str, FilePosition filePosition) {
        boolean z = true;
        Iterator<String> it = identifiers(str).iterator();
        while (it.hasNext()) {
            z &= checkValidId(it.next(), filePosition);
        }
        return z;
    }

    private Expression rewriteIdentifiers(FilePosition filePosition, String str) {
        if ("".equals(str)) {
            return null;
        }
        JsConcatenator jsConcatenator = new JsConcatenator();
        rewriteIdentifiers(filePosition, str, jsConcatenator);
        Expression expression = jsConcatenator.toExpression(false);
        ((AbstractExpression) expression).setFilePosition(filePosition);
        return expression;
    }

    private void rewriteIdentifiers(FilePosition filePosition, String str, JsConcatenator jsConcatenator) {
        String idClass = this.meta.getIdClass();
        Expression valueOf = idClass != null ? StringLiteral.valueOf(FilePosition.UNKNOWN, idClass) : (Expression) QuasiBuilder.substV("IMPORTS___.getIdClass___()", new Object[0]);
        boolean z = true;
        for (String str2 : identifiers(str)) {
            if (!"".equals(str2)) {
                jsConcatenator.append(filePosition, (z ? "" : " ") + str2 + "-");
                jsConcatenator.append(valueOf);
                z = false;
                filePosition = FilePosition.endOf(filePosition);
            }
        }
    }

    private static void rewriteEventHandlerReferences(Block block) {
        block.visitPreOrder(new ParseTreeNodeVisitor() { // from class: com.google.caja.plugin.templates.HtmlAttributeRewriter.2
            @Override // com.google.caja.parser.ParseTreeNodeVisitor
            public boolean visit(ParseTreeNode parseTreeNode) {
                if (parseTreeNode instanceof FunctionConstructor) {
                    return false;
                }
                if (!(parseTreeNode instanceof Reference)) {
                    return true;
                }
                Reference reference = (Reference) parseTreeNode;
                if (!Keyword.THIS.toString().equals(reference.getIdentifierName())) {
                    return false;
                }
                Identifier identifier = reference.getIdentifier();
                reference.replaceChild(SyntheticNodes.s(new Identifier(identifier.getFilePosition(), ReservedNames.THIS_NODE)), identifier);
                return false;
            }
        });
    }

    static SanitizedAttr noResult(AttrValue attrValue) {
        String safeValue = attrValue.attrInfo.getSafeValue();
        String defaultValue = attrValue.attrInfo.getDefaultValue();
        return (safeValue == null || defaultValue == null || safeValue.equals(defaultValue)) ? new SanitizedAttr(false, null) : new SanitizedAttr(true, StringLiteral.valueOf(attrValue.valuePos, safeValue));
    }

    private static Iterable<String> identifiers(String str) {
        String trim = str.trim();
        return "".equals(trim) ? Collections.emptyList() : Arrays.asList(trim.trim().split("\\s+"));
    }

    private Block jsFromAttrib(AttrValue attrValue) {
        EmbeddedContent embeddedContent = this.attributeContent.get(attrValue.src);
        if (embeddedContent == null) {
            return null;
        }
        try {
            ParseTreeNode parse = embeddedContent.parse(this.meta.getUriFetcher(), this.mq);
            if (parse instanceof Block) {
                return (Block) parse;
            }
            return null;
        } catch (ParseException e) {
            e.toMessageQueue(this.mq);
            return null;
        }
    }

    private CssTree.DeclarationGroup styleFromAttrib(AttrValue attrValue) {
        EmbeddedContent embeddedContent = this.attributeContent.get(attrValue.src);
        if (embeddedContent == null) {
            return null;
        }
        try {
            ParseTreeNode parse = embeddedContent.parse(this.meta.getUriFetcher(), this.mq);
            if (parse instanceof CssTree.DeclarationGroup) {
                return (CssTree.DeclarationGroup) parse;
            }
            return null;
        } catch (ParseException e) {
            e.toMessageQueue(this.mq);
            return null;
        }
    }
}
