package org.parosproxy.paros.core.scanner;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import org.apache.commons.httpclient.URIException;
import org.apache.log4j.Logger;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpHeaderField;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpRequestHeader;

/* loaded from: input_file:org/parosproxy/paros/core/scanner/VariantHeader.class */
public class VariantHeader implements Variant {
    private final List<NameValuePair> params = new ArrayList();
    private static ScannerParam scannerOptions;

    @Deprecated
    public static final String[] injectableHeaders = {HttpHeader.USER_AGENT, HttpHeader.REFERER, HttpRequestHeader.HOST};
    private static final String[] injectablesTempArray = {HttpHeader.CONTENT_LENGTH.toLowerCase(Locale.ROOT), HttpHeader.PRAGMA.toLowerCase(Locale.ROOT), HttpHeader.CACHE_CONTROL.toLowerCase(Locale.ROOT), HttpHeader.COOKIE.toLowerCase(Locale.ROOT), "Authorization".toLowerCase(Locale.ROOT), "Proxy-Authorization".toLowerCase(Locale.ROOT), HttpHeader.CONNECTION.toLowerCase(Locale.ROOT), HttpHeader.PROXY_CONNECTION.toLowerCase(Locale.ROOT), HttpHeader.IF_MODIFIED_SINCE.toLowerCase(Locale.ROOT), HttpHeader.IF_NONE_MATCH.toLowerCase(Locale.ROOT), HttpHeader.X_CSRF_TOKEN.toLowerCase(Locale.ROOT), HttpHeader.X_CSRFTOKEN.toLowerCase(Locale.ROOT), HttpHeader.X_XSRF_TOKEN.toLowerCase(Locale.ROOT), HttpHeader.X_ZAP_SCAN_ID.toLowerCase(Locale.ROOT), HttpHeader.X_ZAP_REQUESTID.toLowerCase(Locale.ROOT), HttpHeader.X_SECURITY_PROXY.toLowerCase(Locale.ROOT)};
    private static final HashSet<String> NON_INJECTABLE_HEADERS = new HashSet<>(Arrays.asList(injectablesTempArray));
    private static final Logger log = Logger.getLogger(VariantHeader.class);

    @Override // org.parosproxy.paros.core.scanner.Variant
    public void setMessage(HttpMessage httpMessage) {
        if (isValidMessageToScan(httpMessage)) {
            int i = 0;
            for (HttpHeaderField httpHeaderField : httpMessage.getRequestHeader().getHeaders()) {
                if (!NON_INJECTABLE_HEADERS.contains(httpHeaderField.getName().toLowerCase(Locale.ROOT))) {
                    int i2 = i;
                    i++;
                    this.params.add(new NameValuePair(8, httpHeaderField.getName(), httpHeaderField.getValue(), i2));
                }
            }
        }
    }

    private boolean isValidMessageToScan(HttpMessage httpMessage) {
        if (getScannerOptions().isScanHeadersAllRequests()) {
            return true;
        }
        String str = null;
        try {
            str = httpMessage.getRequestHeader().getURI().getQuery();
        } catch (URIException e) {
            log.error(e.getMessage(), e);
        }
        return ((str == null || str.isEmpty()) && httpMessage.getRequestBody().length() == 0) ? false : true;
    }

    private static ScannerParam getScannerOptions() {
        if (scannerOptions == null) {
            getScannerOptionsSync();
        }
        return scannerOptions;
    }

    private static synchronized void getScannerOptionsSync() {
        if (scannerOptions == null) {
            scannerOptions = (ScannerParam) Model.getSingleton().getOptionsParam().getParamSet(ScannerParam.class);
        }
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public List<NameValuePair> getParamList() {
        return this.params;
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public String setParameter(HttpMessage httpMessage, NameValuePair nameValuePair, String str, String str2) {
        return setParameter(httpMessage, nameValuePair, str, str2, false);
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public String setEscapedParameter(HttpMessage httpMessage, NameValuePair nameValuePair, String str, String str2) {
        return setParameter(httpMessage, nameValuePair, str, str2, true);
    }

    private String setParameter(HttpMessage httpMessage, NameValuePair nameValuePair, String str, String str2, boolean z) {
        httpMessage.getRequestHeader().setHeader(nameValuePair.getName(), str2);
        return str + ":" + str2;
    }
}
