package org.zaproxy.addon.commonlib;

import java.io.IOException;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.core.scanner.AbstractAppPlugin;
import org.parosproxy.paros.network.HttpMessage;

/* loaded from: input_file:org/zaproxy/addon/commonlib/AbstractAppFilePlugin.class */
public abstract class AbstractAppFilePlugin extends AbstractAppPlugin {
    private static final Logger LOG = Logger.getLogger(AbstractAppFilePlugin.class);
    private final String filename;
    private final String messagePrefix;

    protected AbstractAppFilePlugin(String str, String str2) {
        this.filename = str;
        this.messagePrefix = str2;
    }

    public String getName() {
        return Constant.messages.getString(this.messagePrefix + "name");
    }

    public String getDescription() {
        return Constant.messages.getString(this.messagePrefix + "desc");
    }

    public String getSolution() {
        return Constant.messages.getString(this.messagePrefix + "soln");
    }

    public String getReference() {
        return Constant.messages.getString(this.messagePrefix + "refs");
    }

    public int getCategory() {
        return 0;
    }

    public int getRisk() {
        return 2;
    }

    public int getCweId() {
        return 215;
    }

    public int getWascId() {
        return 13;
    }

    private String getOtherInfo() {
        return Constant.messages.getString(this.messagePrefix + "otherinfo");
    }

    public void scan() {
        if (isStop()) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Scanner " + getName() + " Stopping.");
                return;
            }
            return;
        }
        HttpMessage newMsg = getNewMsg();
        newMsg.getRequestHeader().setMethod("GET");
        URI uri = getBaseMsg().getRequestHeader().getURI();
        try {
            URI uri2 = new URI(uri.getScheme(), (String) null, uri.getHost(), uri.getPort(), createTestablePath(uri.getPath() == null ? "" : uri.getPath()));
            try {
                newMsg.getRequestHeader().setURI(uri2);
                synchronized (getKb()) {
                    if (getKb().getBoolean(uri2, this.messagePrefix)) {
                        return;
                    }
                    getKb().add(uri2, this.messagePrefix, Boolean.TRUE);
                    try {
                        sendAndReceive(newMsg, false);
                        if (isFalsePositive(newMsg)) {
                            return;
                        }
                        int statusCode = newMsg.getResponseHeader().getStatusCode();
                        if (statusCode == 200) {
                            raiseAlert(newMsg, getRisk(), "");
                        } else if (statusCode == 401 || statusCode == 403) {
                            raiseAlert(newMsg, 0, getOtherInfo());
                        }
                    } catch (IOException e) {
                        LOG.warn("An error occurred while checking [" + newMsg.getRequestHeader().getMethod() + "] [" + newMsg.getRequestHeader().getURI() + "] for " + getName() + " Caught " + e.getClass().getName() + " " + e.getMessage());
                    }
                }
            } catch (URIException e2) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("An error occurred setting the URI for a new request used by: " + getName() + " scanner. " + e2.getMessage(), e2);
                }
            }
        } catch (URIException e3) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("An error occurred creating a URI for the: " + getName() + " scanner. " + e3.getMessage(), e3);
            }
        }
    }

    public boolean isFalsePositive(HttpMessage httpMessage) {
        return false;
    }

    private String createTestablePath(String str) {
        return str.contains("/") ? str.endsWith("/") ? str + this.filename : str.substring(0, str.lastIndexOf(47)) + "/" + this.filename : str + "/" + this.filename;
    }

    private void raiseAlert(HttpMessage httpMessage, int i, String str) {
        newAlert().setRisk(i).setConfidence(3).setOtherInfo(str).setEvidence(httpMessage.getResponseHeader().getPrimeHeader()).setMessage(httpMessage).raise();
    }
}
