package com.atlassian.confluence.servlet.download;

import com.atlassian.confluence.util.AttachmentMimeTypeTranslator;
import com.atlassian.confluence.util.GeneralUtil;
import com.atlassian.confluence.util.HtmlUtil;
import com.atlassian.http.mime.ContentDispositionHeaderGuesser;
import com.atlassian.renderer.embedded.EmbeddedFlash;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableMap;
import com.google.common.io.ByteStreams;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLConnection;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/servlet/download/DefaultAttachmentSafeContentHeaderGuesser.class */
public class DefaultAttachmentSafeContentHeaderGuesser implements SafeContentHeaderGuesser {
    private static final Logger log = LoggerFactory.getLogger(SafeContentHeaderGuesser.class);
    private AttachmentMimeTypeTranslator mimeTypeTranslator;
    private ContentDispositionHeaderGuesser contentTypeAndDispositionHeaderBlacklist;

    private boolean isInternetExplorer(String str) {
        return (str == null || !str.contains("MSIE") || str.contains("Opera")) ? false : true;
    }

    private boolean isImageMimeType(String str) {
        return StringUtils.isNotEmpty(str) && str.startsWith("image/");
    }

    private boolean isImage(InputStream inputStream) throws IOException {
        return isImageMimeType(guessContentTypeFromStream(inputStream));
    }

    @Override // com.atlassian.confluence.servlet.download.SafeContentHeaderGuesser
    public Map<String, String> computeAttachmentHeaders(String str, InputStream inputStream, String str2, String str3, long j, boolean z, Map<String, String[]> map) throws IOException {
        if (null != this.mimeTypeTranslator) {
            str = this.mimeTypeTranslator.resolveMimeType(str2, str);
        }
        String[] strArr = map.get("download");
        DispositionType guessDispositionType = (strArr == null || !strArr[0].equals("true")) ? guessDispositionType(str2, str, str3) : DispositionType.ATTACHMENT;
        if (!guessDispositionType.equals(DispositionType.INLINE) && str.equals(EmbeddedFlash.RESOURCE_TYPE) && z) {
            guessDispositionType = DispositionType.INLINE;
        }
        ImmutableMap.Builder<String, String> builder = ImmutableMap.builder();
        builder.put("Content-Type", str).put("Content-Length", Long.toString(j));
        if (!isImageMimeType(str) || !isImage(inputStream)) {
            builder.put("X-Content-Type-Options", "nosniff");
        }
        guessContentDisposition(str2, str3, guessDispositionType, builder);
        return builder.build();
    }

    @Override // com.atlassian.confluence.servlet.download.SafeContentHeaderGuesser
    @Deprecated
    public Map<String, String> computeAttachmentHeaders(InputStream inputStream, String str, String str2, String str3, long j, boolean z, Map<String, String> map) {
        try {
            return computeAttachmentHeaders(str, inputStream, str2, str3, j, z, fixHttpQueryParams(map));
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // com.atlassian.confluence.servlet.download.SafeContentHeaderGuesser
    @Deprecated
    public Map<String, String> computeAttachmentHeaders(String str, String str2, String str3, long j, boolean z, Map<String, String> map) {
        try {
            return computeAttachmentHeaders(str, new ByteArrayInputStream(new byte[0]), str2, str3, j, z, fixHttpQueryParams(map));
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    private Map<String, String[]> fixHttpQueryParams(Map<String, String> map) {
        try {
            HashMap hashMap = new HashMap();
            for (Map.Entry<String, String> entry : map.entrySet()) {
                if (entry.getValue() instanceof String[]) {
                    hashMap.put(entry.getKey(), (String[]) entry.getValue());
                } else {
                    hashMap.put(entry.getKey(), new String[]{entry.getValue()});
                }
            }
            return hashMap;
        } catch (ClassCastException e) {
            throw new IllegalStateException(e);
        }
    }

    private DispositionType guessDispositionType(String str, String str2, String str3) {
        String guessContentDispositionHeader = this.contentTypeAndDispositionHeaderBlacklist.guessContentDispositionHeader(str, str2, str3);
        if (guessContentDispositionHeader != null) {
            for (DispositionType dispositionType : DispositionType.values()) {
                if (guessContentDispositionHeader.toUpperCase(Locale.ENGLISH).equals(dispositionType.name().toUpperCase(Locale.ENGLISH))) {
                    return dispositionType;
                }
            }
        }
        log.error("The guessed Content-Disposition header [{}] for filename [{}], Content-Type [{}] and User-Agent [{}] does not map to any of these values {}, defaulting to [{}].", new Object[]{guessContentDispositionHeader, str, str2, str3, ToStringBuilder.reflectionToString(DispositionType.values(), ToStringStyle.SIMPLE_STYLE), DispositionType.ATTACHMENT});
        return DispositionType.ATTACHMENT;
    }

    private void guessContentDisposition(String str, String str2, DispositionType dispositionType, ImmutableMap.Builder<String, String> builder) {
        if (GeneralUtil.isAllAscii(str)) {
            if (isInternetExplorer(str2) && str.indexOf(32) != -1) {
                str = str.replaceAll("\\s", "%20");
            }
            builder.put("Content-Disposition", dispositionType.getValue() + "; filename=\"" + str + "\"");
            return;
        }
        if (!isInternetExplorer(str2)) {
            builder.put("Content-Disposition", dispositionType.getValue());
            return;
        }
        String urlEncode = HtmlUtil.urlEncode(str);
        if (urlEncode.indexOf(43) != -1) {
            urlEncode = urlEncode.replaceAll("\\+", "%20");
        }
        builder.put("Content-Disposition", dispositionType.getValue() + "; filename=\"" + urlEncode + "\"");
    }

    private String guessContentTypeFromStream(InputStream inputStream) throws IOException {
        Preconditions.checkArgument(inputStream.markSupported(), "InputStream must support resetting");
        String guessContentTypeFromStream = URLConnection.guessContentTypeFromStream(inputStream);
        if (guessContentTypeFromStream != null && !"audio/x-wav".equals(guessContentTypeFromStream)) {
            return guessContentTypeFromStream;
        }
        byte[] bArr = new byte[14];
        inputStream.mark(bArr.length);
        int read = ByteStreams.read(inputStream, bArr, 0, bArr.length);
        inputStream.reset();
        return (bArr[0] == 0 && bArr[1] == 0 && (bArr[2] == 1 || bArr[2] == 2) && read >= 4 && bArr[3] == 0) ? "image/x-icon" : (bArr[0] == 66 && bArr[1] == 77) ? "image/bmp" : (bArr[0] == 82 && bArr[1] == 73 && bArr[2] == 70 && bArr[3] == 70 && bArr[8] == 87 && bArr[9] == 69 && bArr[10] == 66 && bArr[11] == 80 && bArr[12] == 86 && bArr[13] == 80) ? "image/webp" : guessContentTypeFromStream;
    }

    public void setMimeTypeTranslator(AttachmentMimeTypeTranslator attachmentMimeTypeTranslator) {
        this.mimeTypeTranslator = attachmentMimeTypeTranslator;
    }

    public void setContentTypeAndDispositionHeaderBlacklist(ContentDispositionHeaderGuesser contentDispositionHeaderGuesser) {
        this.contentTypeAndDispositionHeaderBlacklist = contentDispositionHeaderGuesser;
    }
}
