package com.tencent.mobileqq.webview;

import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.os.Handler;
import android.os.Looper;
import android.text.TextUtils;
import com.tencent.biz.AuthorizeConfig;
import com.tencent.biz.ProtoServlet;
import com.tencent.biz.WebCgiWhiteListManager;
import com.tencent.biz.common.util.Util;
import com.tencent.biz.pubaccount.CustomWebView;
import com.tencent.biz.webviewplugin.SosoPlugin;
import com.tencent.common.app.AppInterface;
import com.tencent.common.app.BaseApplicationImpl;
import com.tencent.mobileqq.app.QQAppInterface;
import com.tencent.mobileqq.dating.HotChatFlashPicActivity;
import com.tencent.mobileqq.pb.ByteStringMicro;
import com.tencent.mobileqq.statistics.DcReportUtil;
import com.tencent.mobileqq.statistics.ReportController;
import com.tencent.mobileqq.transfile.SosoSrvAddrProvider;
import com.tencent.mobileqq.webview.swift.WebViewPlugin;
import com.tencent.mobileqq.webview.swift.WebviewPluginEventConfig;
import com.tencent.pb.webview.UrlQuery;
import com.tencent.qphone.base.util.QLog;
import com.tencent.smtt.sdk.WebView;
import defpackage.vud;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import mqq.app.AppRuntime;
import mqq.app.NewIntent;
import mqq.observer.BusinessObserver;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: ProGuard */
/* loaded from: classes2.dex */
public class WebSecurityPlugin extends WebViewPlugin {

    /* renamed from: a, reason: collision with other field name */
    private static long f34540a = 0;

    /* renamed from: a, reason: collision with other field name */
    public static final String f34541a = "WebSecurityPlugin";

    /* renamed from: b, reason: collision with root package name */
    private static final int f64619b = 10240;

    /* renamed from: b, reason: collision with other field name */
    private static final long f34543b = 1800000;

    /* renamed from: b, reason: collision with other field name */
    public static final String f34544b = "UrlSaveVerify";

    /* renamed from: b, reason: collision with other field name */
    private static boolean f34545b = false;

    /* renamed from: c, reason: collision with root package name */
    public static final String f64620c = "key_isReadModeEnabled";
    public static final String d = "/cgi-bin/httpconn?htcmd=0x6ff0080";
    public static final String e = "key_isFromQZone";
    public static final String f = "webViewUrlCheckSp";
    public static final String g = "webViewUrlCheckSwitchKey";
    private static final String i = "http://pub.idqqimg.com/qqmobile/client/android/forbidden.html";

    /* renamed from: a, reason: collision with other field name */
    WebView f34547a;

    /* renamed from: c, reason: collision with other field name */
    private boolean f34551c;
    String h;

    /* renamed from: a, reason: collision with other field name */
    public static String[] f34542a = SosoPlugin.f6850a;

    /* renamed from: a, reason: collision with root package name */
    private static int f64618a = 20;

    /* renamed from: a, reason: collision with other field name */
    boolean f34550a = true;

    /* renamed from: a, reason: collision with other field name */
    private Set f34548a = new HashSet();

    /* renamed from: a, reason: collision with other field name */
    public Handler f34546a = new Handler(Looper.getMainLooper());

    /* renamed from: a, reason: collision with other field name */
    private final BusinessObserver f34549a = new vud(this);

    public WebSecurityPlugin() {
        this.mPluginNameSpace = f34544b;
    }

    private String a(Intent intent) {
        if (intent == null) {
            return "";
        }
        if (intent.getBooleanExtra("fromQrcode", false)) {
            return "mqq.qrcode";
        }
        if (intent.getBooleanExtra(e, false)) {
            return "mqq.qzone";
        }
        switch (intent.getIntExtra(HotChatFlashPicActivity.f21720g, -1)) {
            case 0:
                return "mqq.c2c";
            case 1:
                return "mqq.group";
            case 3000:
                return "mqq.discussion";
            default:
                return "";
        }
    }

    private String a(String str) {
        return this.f34550a ? a(this.mRuntime.a().getIntent(), str, SosoSrvAddrProvider.a()) : str;
    }

    /* renamed from: a, reason: collision with other method in class */
    private void m9594a(String str) {
        String str2;
        if (TextUtils.isEmpty(str) || this.mRuntime == null) {
            QLog.e(f34541a, 1, "sendSSOReq url or runtime is empty");
            return;
        }
        UrlQuery.UrlQueryReq urlQueryReq = new UrlQuery.UrlQueryReq();
        int length = str.length();
        if (length > 10240) {
            QLog.e(f34541a, 1, "This is illegal url, because the length " + length + " has been beyond the max length 10240");
            str2 = str.substring(0, 10240);
        } else {
            str2 = str;
        }
        urlQueryReq.bytes_url.set(ByteStringMicro.copyFrom(str2.getBytes()));
        String a2 = a(this.mRuntime.a().getIntent());
        if (a2 != null) {
            urlQueryReq.bytes_qq_pf_to.set(ByteStringMicro.copyFrom(a2.getBytes()));
        }
        NewIntent newIntent = new NewIntent(this.mRuntime.a(), ProtoServlet.class);
        newIntent.setWithouLogin(true);
        newIntent.putExtra("cmd", "UrlSecSvc.Webview");
        newIntent.putExtra("data", urlQueryReq.toByteArray());
        newIntent.setObserver(this.f34549a);
        AppRuntime m1871a = BaseApplicationImpl.a().m1871a();
        if (m1871a == null) {
            QLog.e(f34541a, 1, "sendSSOReq app = null");
        } else {
            m1871a.startServlet(newIntent);
            this.f34548a.add(str);
        }
    }

    public static boolean a() {
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis - f34540a > 1800000) {
            f34540a = currentTimeMillis;
            String string = BaseApplicationImpl.a().getSharedPreferences(WebCgiWhiteListManager.f51853a, 4).getString(WebCgiWhiteListManager.d, null);
            if (QLog.isColorLevel()) {
                QLog.i(f34541a, 1, "update max_verify_times : " + string);
            }
            if (string != null) {
                try {
                    JSONObject jSONObject = new JSONObject(string);
                    f34545b = jSONObject.optInt("is_switch", 0) == 1;
                    f64618a = jSONObject.optInt("limit_count", 20);
                } catch (JSONException e2) {
                    QLog.e(f34541a, 1, "parse max verify config failed!", e2);
                }
            }
        }
        return f34545b;
    }

    public static boolean a(Context context) {
        if (context == null) {
            return false;
        }
        int i2 = context.getSharedPreferences(f, 4).getInt(g, 0);
        QLog.d(f34541a, 1, "hasUrlSsoCheckSwitchOn isSSOCheckValidate = " + i2);
        return i2 == 1;
    }

    private boolean b() {
        if (this.mRuntime == null || this.mRuntime.a() == null) {
            return false;
        }
        return this.mRuntime.a().getIntent().getBooleanExtra("key_isReadModeEnabled", false);
    }

    String a(Intent intent, String str, SosoSrvAddrProvider sosoSrvAddrProvider) {
        if (str.contains(URLEncoder.encode("/cgi-bin/httpconn?htcmd=0x6ff0080")) || str.contains("/cgi-bin/httpconn?htcmd=0x6ff0080")) {
            return str;
        }
        try {
            String str2 = f34542a[new Random().nextInt(2)];
            StringBuilder sb = new StringBuilder();
            sb.append(str2);
            sb.append("&u=");
            sb.append(URLEncoder.encode(str, "UTF-8"));
            sb.append("&wap=3");
            sb.append("&qq-pf-to=").append(a(intent));
            String stringExtra = intent.getStringExtra("uin");
            if (!TextUtils.isEmpty(stringExtra)) {
                sb.append("&uin=").append(stringExtra);
            } else if (!TextUtils.isEmpty(this.h)) {
                sb.append("&uin=").append(this.h);
            }
            String stringExtra2 = intent.getStringExtra("friendUin");
            if (!TextUtils.isEmpty(stringExtra2)) {
                sb.append("&originuin=").append(stringExtra2);
            }
            str = sb.toString();
            return str;
        } catch (UnsupportedEncodingException e2) {
            e2.printStackTrace();
            return str;
        }
    }

    public void a(boolean z, Bundle bundle) {
        if (z) {
            byte[] byteArray = bundle.getByteArray("data");
            if (byteArray == null) {
                QLog.e(f34541a, 1, "urlCheckObserver data == null");
                return;
            }
            UrlQuery.UrlQueryRsp urlQueryRsp = new UrlQuery.UrlQueryRsp();
            try {
                urlQueryRsp.mergeFrom(byteArray);
                if (urlQueryRsp.uint32_result.get() != 0 || urlQueryRsp.uint32_jump_result.get() < 1) {
                    return;
                }
                String stringUtf8 = urlQueryRsp.bytes_jump_url.get().toStringUtf8();
                if (TextUtils.isEmpty(stringUtf8)) {
                    return;
                }
                CustomWebView m9630a = this.mRuntime != null ? this.mRuntime.m9630a() : null;
                if (m9630a != null) {
                    this.f34551c = true;
                    m9630a.stopLoading();
                    m9630a.clearHistory();
                    m9630a.loadUrl(stringUtf8);
                    QLog.d(f34541a, 1, "onReceive jumpUrl = " + stringUtf8);
                }
            } catch (Exception e2) {
                QLog.e(f34541a, 1, "onReceive exception e = ", e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.tencent.mobileqq.webview.swift.WebViewPlugin
    public boolean handleEvent(String str, long j, Map map) {
        if (j == WebviewPluginEventConfig.n) {
            this.f34550a = true;
            if (this.f34551c) {
                this.f34547a.clearHistory();
                return false;
            }
            if (TextUtils.isEmpty(str) || !str.startsWith("http")) {
                return false;
            }
            ReportController.b(null, "P_CliOper", "BizTechReport", "", "web_safe", "url_safe_check", 0, 0, "", "", "", "");
            return false;
        }
        if (j == WebviewPluginEventConfig.o) {
            this.f34550a = true;
            return false;
        }
        if (j == WebviewPluginEventConfig.m) {
            this.f34550a = false;
            return false;
        }
        if (j != WebviewPluginEventConfig.H) {
            return false;
        }
        Activity a2 = this.mRuntime == null ? null : this.mRuntime.a();
        Intent intent = a2 == null ? null : a2.getIntent();
        StringBuilder sb = new StringBuilder();
        String a3 = a(intent);
        sb.append(str).append("|");
        sb.append(str).append("|");
        sb.append(a3);
        DcReportUtil.a((QQAppInterface) null, "dc01985", sb.toString(), true);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.tencent.mobileqq.webview.swift.WebViewPlugin
    public boolean handleSchemaRequest(String str, String str2) {
        if (!"http".equals(str2) && !"https".equals(str2)) {
            return false;
        }
        if (this.mRuntime == null || this.mRuntime.a() == null) {
            QLog.e(f34541a, 1, "handleSchemaRequest mRuntime empty");
            return false;
        }
        if (this.f34548a.contains(str)) {
            QLog.d(f34541a, 1, "handleSchemaRequest url has checked, url = " + Util.c(str, new String[0]));
            return false;
        }
        if (a() && this.f34548a.size() >= f64618a) {
            QLog.d(f34541a, 1, "handleSchemaRequest url check times enough, url = " + Util.c(str, new String[0]));
            return false;
        }
        if (AuthorizeConfig.a().m848b(str)) {
            if (!QLog.isColorLevel()) {
                return false;
            }
            QLog.d(f34541a, 2, "Url is on cig skip white list,the url:" + Util.b(str, new String[0]));
            return false;
        }
        if (a(this.mRuntime.a())) {
            if (this.f34551c) {
                QLog.d(f34541a, 1, "handleSchemaRequest hasSSOChecked , url = " + Util.c(str, new String[0]));
                return false;
            }
            m9594a(str);
            return false;
        }
        try {
            Uri parse = Uri.parse(str);
            if (parse != null && parse.isHierarchical()) {
                String host = parse.getHost();
                if (!TextUtils.isEmpty(host) && host.endsWith(".qq.com") && (str.contains(URLEncoder.encode("/cgi-bin/httpconn?htcmd=0x6ff0080")) || str.contains("/cgi-bin/httpconn?htcmd=0x6ff0080"))) {
                    if (!QLog.isColorLevel()) {
                        return false;
                    }
                    QLog.i(f34541a, 2, "SosoPlugin: url contains /cgi-bin/httpconn?htcmd=0x6ff0080, url: " + Util.c(str, new String[0]));
                    return false;
                }
            }
        } catch (Exception e2) {
            QLog.e(f34541a, 1, "", e2);
        }
        if (QLog.isColorLevel()) {
            QLog.d(f34541a, 2, "check url safety with old solution (<5.3)");
        }
        String a2 = a(str);
        if (str.equalsIgnoreCase(a2)) {
            return false;
        }
        this.f34547a.loadUrl(a2);
        return true;
    }

    @Override // com.tencent.mobileqq.webview.swift.WebViewPlugin
    public void onAppRuntimeReady(AppInterface appInterface) {
        this.h = appInterface.getCurrentAccountUin();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.tencent.mobileqq.webview.swift.WebViewPlugin
    public void onWebViewCreated(CustomWebView customWebView) {
        super.onWebViewCreated(customWebView);
        this.f34547a = customWebView;
    }
}
