package org.owasp.webscarab.plugin.spider;

import flex.messaging.io.amf.client.AMFConnection;
import java.io.IOException;
import java.net.MalformedURLException;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Logger;
import org.apache.xalan.templates.Constants;
import org.htmlparser.Node;
import org.htmlparser.Tag;
import org.htmlparser.filters.HasAttributeFilter;
import org.htmlparser.filters.OrFilter;
import org.htmlparser.tags.FormTag;
import org.htmlparser.util.NodeList;
import org.htmlparser.util.ParserException;
import org.htmlparser.util.SimpleNodeIterator;
import org.owasp.webscarab.httpclient.ConversationHandler;
import org.owasp.webscarab.httpclient.FetcherQueue;
import org.owasp.webscarab.model.ConversationID;
import org.owasp.webscarab.model.Cookie;
import org.owasp.webscarab.model.HttpUrl;
import org.owasp.webscarab.model.NamedValue;
import org.owasp.webscarab.model.Request;
import org.owasp.webscarab.model.Response;
import org.owasp.webscarab.model.StoreException;
import org.owasp.webscarab.model.UrlModel;
import org.owasp.webscarab.parser.Parser;
import org.owasp.webscarab.plugin.Framework;
import org.owasp.webscarab.plugin.Hook;
import org.owasp.webscarab.plugin.Plugin;

/* loaded from: input_file:main/WebScarab-1.0.0-SNAPSHOT.jar:org/owasp/webscarab/plugin/spider/Spider.class */
public class Spider implements Plugin, ConversationHandler {
    private SpiderModel _model;
    private Framework _framework;
    private FetcherQueue _fetcherQueue;
    private int _threads = 4;
    private Thread _runThread = null;
    private Logger _logger = Logger.getLogger(getClass().getName());

    public Spider(Framework framework) {
        this._model = null;
        this._framework = null;
        this._fetcherQueue = null;
        this._framework = framework;
        this._model = new SpiderModel(this._framework.getModel());
        this._fetcherQueue = new FetcherQueue("Spider", this, 4, 0);
    }

    public SpiderModel getModel() {
        return this._model;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getPluginName() {
        return new String("Spider");
    }

    @Override // org.owasp.webscarab.plugin.Plugin, java.lang.Runnable
    public void run() {
        this._model.setStatus("Started");
        this._model.setStopping(false);
        this._runThread = Thread.currentThread();
        this._model.setRunning(true);
        while (!this._model.isStopping()) {
            if (queueRequests()) {
                Thread.yield();
            } else {
                try {
                    Thread.sleep(100L);
                } catch (InterruptedException e) {
                }
            }
        }
        this._fetcherQueue.clearRequestQueue();
        this._model.setRunning(false);
        this._runThread = null;
        this._model.setStatus("Stopped");
    }

    private boolean queueRequests() {
        if (this._model.getQueuedLinkCount() == 0 || this._fetcherQueue.getRequestsQueued() > this._threads) {
            return false;
        }
        while (this._model.getQueuedLinkCount() > 0 && this._fetcherQueue.getRequestsQueued() <= this._threads) {
            Link dequeueLink = this._model.dequeueLink();
            if (dequeueLink == null) {
                this._logger.warning("Got a null link from the link queue");
                return false;
            }
            Request newGetRequest = newGetRequest(dequeueLink);
            if (this._model.getCookieSync()) {
                Cookie[] cookiesForUrl = this._model.getCookiesForUrl(newGetRequest.getURL());
                if (cookiesForUrl.length > 0) {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append(cookiesForUrl[0].getName()).append(AMFConnection.COOKIE_NAMEVALUE_SEPERATOR).append(cookiesForUrl[0].getValue());
                    for (int i = 1; i < cookiesForUrl.length; i++) {
                        stringBuffer.append("; ").append(cookiesForUrl[i].getName()).append(AMFConnection.COOKIE_NAMEVALUE_SEPERATOR).append(cookiesForUrl[i].getValue());
                    }
                    newGetRequest.setHeader("Cookie", stringBuffer.toString());
                }
            }
            this._fetcherQueue.submit(newGetRequest);
        }
        return true;
    }

    @Override // org.owasp.webscarab.httpclient.ConversationHandler
    public void responseReceived(Response response) {
        Request request = response.getRequest();
        if (request == null) {
            this._logger.warning("Got a null request from the response!");
            return;
        }
        if (response.getStatus().startsWith("401")) {
            this._logger.info("Invalid credentials or authentication required for " + request.getURL());
            this._model.setAuthRequired(request.getURL());
            return;
        }
        this._framework.addConversation(request, response, "Spider");
        if (this._model.getCookieSync()) {
            NamedValue[] headers = response.getHeaders();
            for (int i = 0; i < headers.length; i++) {
                if (headers[i].getName().equalsIgnoreCase(AMFConnection.SET_COOKIE) || headers[i].getName().equalsIgnoreCase(AMFConnection.SET_COOKIE2)) {
                    this._model.addCookie(new Cookie(new Date(), request.getURL(), headers[i].getValue()));
                }
            }
        }
    }

    @Override // org.owasp.webscarab.httpclient.ConversationHandler
    public void requestError(Request request, IOException iOException) {
        this._logger.info("Requested " + request.getURL() + " got IOException " + iOException.getMessage());
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isBusy() {
        return this._model.isRunning() && this._model.getQueuedLinkCount() > 0;
    }

    private boolean allowedURL(HttpUrl httpUrl) {
        return isAllowedDomain(httpUrl) && !this._model.isForbidden(httpUrl);
    }

    private boolean isAllowedDomain(HttpUrl httpUrl) {
        String allowedDomains = this._model.getAllowedDomains();
        if (allowedDomains != null) {
            try {
                if (!allowedDomains.equals("")) {
                    if (httpUrl.getHost().matches(allowedDomains)) {
                        return true;
                    }
                }
            } catch (Exception e) {
                return false;
            }
        }
        return false;
    }

    public void requestLinksUnder(HttpUrl httpUrl) {
        LinkedList linkedList = new LinkedList();
        queueLinksUnder(httpUrl, linkedList, 50);
        while (linkedList.size() > 0) {
            this._model.queueLink(linkedList.remove(0));
        }
    }

    private void queueLinksUnder(HttpUrl httpUrl, List<Link> list, int i) {
        if (this._model.isUnseen(httpUrl)) {
            if (this._model.isForbidden(httpUrl) || httpUrl.toString().matches(this._framework.getDropPattern())) {
                this._logger.warning("Skipping forbidden path " + httpUrl);
            } else {
                list.add(new Link(httpUrl, this._model.getReferer(httpUrl)));
            }
        }
        if (list.size() == i) {
            return;
        }
        UrlModel urlModel = this._model.getUrlModel();
        int childCount = urlModel.getChildCount(httpUrl);
        for (int i2 = 0; i2 < childCount; i2++) {
            queueLinksUnder(urlModel.getChildAt(httpUrl, i2), list, i);
            if (list.size() == i) {
                return;
            }
        }
    }

    public void requestLinks(HttpUrl[] httpUrlArr) {
        for (int i = 0; i < httpUrlArr.length; i++) {
            this._model.queueLink(new Link(httpUrlArr[i], this._model.getReferer(httpUrlArr[i])));
        }
    }

    public void clearQueue() {
        this._model.clearLinkQueue();
    }

    private Request newGetRequest(Link link) {
        HttpUrl url = link.getURL();
        String referer = link.getReferer();
        Request request = new Request();
        request.setMethod(FormTag.GET);
        request.setURL(url);
        request.setVersion("HTTP/1.0");
        if (referer != null) {
            request.setHeader("Referer", referer);
        }
        request.setHeader("Host", url.getHost() + ":" + url.getPort());
        if (request.getVersion().equals("HTTP/1.0")) {
            request.setHeader("Connection", "Keep-Alive");
        }
        NamedValue[] extraHeaders = this._model.getExtraHeaders();
        if (extraHeaders != null && extraHeaders.length > 0) {
            for (int i = 0; i < extraHeaders.length; i++) {
                if (extraHeaders[i] != null) {
                    request.addHeader(extraHeaders[i]);
                }
            }
        }
        return request;
    }

    public void setExtraHeaders(NamedValue[] namedValueArr) {
        this._model.setExtraHeaders(namedValueArr);
    }

    public NamedValue[] getExtraHeaders() {
        return this._model.getExtraHeaders();
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void flush() throws StoreException {
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean stop() {
        if (isBusy()) {
            return false;
        }
        this._model.setStopping(true);
        try {
            this._runThread.join(5000L);
        } catch (InterruptedException e) {
            this._logger.severe("Interrupted stopping " + getPluginName());
        }
        return !this._model.isRunning();
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getStatus() {
        return this._model.getStatus();
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void analyse(ConversationID conversationID, Request request, Response response, String str) {
        HttpUrl url = request.getURL();
        if (!response.getStatus().equals("302")) {
            Object parse = Parser.parse(url, response);
            if (parse == null || !(parse instanceof NodeList)) {
                return;
            }
            processHtml(url, (NodeList) parse);
            return;
        }
        String header = response.getHeader("Location");
        if (header == null) {
            this._logger.warning("302 received, but no Location header!");
            return;
        }
        try {
            this._model.addUnseenLink(new HttpUrl(url, header), url);
        } catch (MalformedURLException e) {
            this._logger.warning("Badly formed Location header : " + header);
        }
    }

    private void processHtml(HttpUrl httpUrl, NodeList nodeList) {
        try {
            SimpleNodeIterator elements = nodeList.extractAllNodesThatMatch(new OrFilter(new OrFilter(new OrFilter(new HasAttributeFilter(Constants.ATTRNAME_HREF), new HasAttributeFilter("src")), new HasAttributeFilter("onclick")), new HasAttributeFilter("onblur"))).elements();
            while (elements.hasMoreNodes()) {
                Node nextNode = elements.nextNode();
                if (nextNode instanceof Tag) {
                    boolean z = false;
                    Tag tag = (Tag) nextNode;
                    String attribute = tag.getAttribute("src");
                    if (attribute != null) {
                        processLink(httpUrl, attribute);
                        z = true;
                    }
                    String attribute2 = tag.getAttribute(Constants.ATTRNAME_HREF);
                    if (attribute2 != null) {
                        processLink(httpUrl, attribute2);
                        z = true;
                    }
                    if (!z) {
                    }
                }
            }
        } catch (ParserException e) {
            this._logger.warning("ParserException : " + e);
        }
    }

    private void processLink(HttpUrl httpUrl, String str) {
        if (str.startsWith("http://") || str.startsWith("https://")) {
            try {
                this._model.addUnseenLink(new HttpUrl(str), httpUrl);
                return;
            } catch (MalformedURLException e) {
                this._logger.warning("Malformed link : " + str);
                return;
            }
        }
        if (str.toLowerCase().startsWith("mailto:")) {
            return;
        }
        if (str.toLowerCase().startsWith("javascript:")) {
            processScript(httpUrl, str.substring(10));
            return;
        }
        if (str.matches("^[a-zA-Z]+://.*")) {
            this._logger.info("Encountered an unhandled url scheme " + str);
            return;
        }
        this._logger.fine("Creating a new relative URL with " + httpUrl + " and " + str + " '");
        try {
            this._model.addUnseenLink(new HttpUrl(httpUrl, str), httpUrl);
        } catch (MalformedURLException e2) {
            this._logger.warning("Bad relative URL (" + httpUrl.toString() + ") : " + str);
        }
    }

    private void processScript(HttpUrl httpUrl, String str) {
        if (str.startsWith("window.open(")) {
            this._logger.info("Script opens a window : " + str);
        } else if (str.startsWith("location.href")) {
            this._logger.info("Script sets location : " + str);
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isModified() {
        return false;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isRunning() {
        return this._model.isRunning();
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void setSession(String str, Object obj, String str2) throws StoreException {
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Object getScriptableObject() {
        return null;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Hook[] getScriptingHooks() {
        return new Hook[0];
    }
}
