package com.atlassian.jira.web.action;

import com.atlassian.jira.util.velocity.VelocityRequestContextFactory;
import java.net.URI;
import java.net.URISyntaxException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/jira/web/action/SafeRedirectChecker.class */
public class SafeRedirectChecker {
    private final Logger log = LoggerFactory.getLogger(SafeRedirectChecker.class);
    private final VelocityRequestContextFactory velocityRequestContextFactory;

    public SafeRedirectChecker(VelocityRequestContextFactory velocityRequestContextFactory) {
        this.velocityRequestContextFactory = velocityRequestContextFactory;
    }

    public boolean canRedirectTo(String str) {
        if (str == null) {
            return true;
        }
        try {
            if (new URI(str).getScheme() != null) {
                if (!str.startsWith(getCanonicalBaseURL())) {
                    return false;
                }
            }
            return true;
        } catch (URISyntaxException e) {
            this.log.debug("Failed to parse URI '{}', redirect will not be allowed", str);
            return false;
        }
    }

    protected String getCanonicalBaseURL() {
        return this.velocityRequestContextFactory.getJiraVelocityRequestContext().getCanonicalBaseUrl();
    }
}
