package com.atlassian.jira.web.servlet;

import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.issue.attachment.Attachment;
import com.atlassian.jira.util.AttachmentUtils;
import com.atlassian.jira.util.BrowserUtils;
import com.atlassian.jira.util.IOUtil;
import com.atlassian.jira.web.util.HostileAttachmentsHelper;
import com.atlassian.jira.web.util.Ie6MimeSniffer;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/jira/web/servlet/MimeSniffingKit.class */
public class MimeSniffingKit {
    public static final String CONTENT_DISPOSITION_ATTACHMENT = "attachment";
    public static final String CONTENT_DISPOSITION_INLINE = "inline";
    private static final Logger log = Logger.getLogger(MimeSniffingKit.class);
    private final ApplicationProperties applicationProperties;
    private HostileAttachmentsHelper attachmentHelper = new HostileAttachmentsHelper();

    public MimeSniffingKit(ApplicationProperties applicationProperties) {
        this.applicationProperties = applicationProperties;
    }

    public String getContentDisposition(Attachment attachment, String str) throws IOException {
        return getContentDisposition(attachment.getFilename(), attachment.getMimetype(), str, getFileForAttachment(attachment));
    }

    public String getContentDisposition(String str, String str2, String str3, File file) throws IOException {
        String mimeSniffingPolicy = getMimeSniffingPolicy();
        boolean z = false;
        if (log.isDebugEnabled() && mimeSniffingPolicy.equalsIgnoreCase("insecure")) {
            log.debug("Mime sniffing policy is insecure, attachment will always be displayed inline");
        }
        if (!mimeSniffingPolicy.equalsIgnoreCase("insecure") && isExecutableContent(str, str2)) {
            z = true;
            if (log.isDebugEnabled()) {
                log.debug("Attachment \"" + str + "\" (" + str2 + ") presents as executable content, forcing download.");
            }
        } else if (mimeSniffingPolicy.equalsIgnoreCase("workaround") && BrowserUtils.isIe456Or7(str3)) {
            z = new Ie6MimeSniffer().smellsLikeHtml(getLeadingFileBytes(file, Ie6MimeSniffer.MAX_BYTES_TO_SNIFF));
            if (z) {
                log.debug("Detected Internet Explorer and file contents would be sniffed as HTML, forcing download");
            }
        } else if (mimeSniffingPolicy.equalsIgnoreCase("secure")) {
            z = true;
        }
        return z ? "attachment" : CONTENT_DISPOSITION_INLINE;
    }

    File getFileForAttachment(Attachment attachment) {
        return AttachmentUtils.getAttachmentFile(attachment);
    }

    byte[] getLeadingFileBytes(File file, int i) throws IOException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            byte[] leadingBytes = IOUtil.getLeadingBytes(fileInputStream, i);
            IOUtil.shutdownStream(fileInputStream);
            return leadingBytes;
        } catch (Throwable th) {
            IOUtil.shutdownStream(fileInputStream);
            throw th;
        }
    }

    boolean isExecutableContent(String str, String str2) {
        return this.attachmentHelper.isExecutableFileExtension(str) || this.attachmentHelper.isExecutableContentType(str2);
    }

    private String getMimeSniffingPolicy() {
        String defaultBackedString = this.applicationProperties.getDefaultBackedString("jira.attachment.download.mime.sniffing.workaround");
        if (defaultBackedString == null) {
            defaultBackedString = "workaround";
            log.warn("Missing MIME sniffing policy application property jira.attachment.download.mime.sniffing.workaround ! Defaulting to workaround");
        }
        if (!"insecure".equalsIgnoreCase(defaultBackedString) && !"secure".equalsIgnoreCase(defaultBackedString) && !"workaround".equalsIgnoreCase(defaultBackedString)) {
            log.warn("MIME sniffing policy application property is invalid: " + defaultBackedString + " ! Defaulting to workaround");
            defaultBackedString = "workaround";
        }
        return defaultBackedString;
    }
}
