package com.datadog.iast.sink;

import com.datadog.iast.HasDependencies;
import com.datadog.iast.model.Evidence;
import com.datadog.iast.model.VulnerabilityType;
import com.datadog.iast.overhead.Operations;
import datadog.trace.api.Config;
import datadog.trace.api.iast.sink.InsecureCookieModule;
import datadog.trace.bootstrap.instrumentation.api.AgentSpan;
import datadog.trace.bootstrap.instrumentation.api.AgentTracer;
import java.net.HttpCookie;
import javax.annotation.Nonnull;

/* loaded from: input_file:iast/com/datadog/iast/sink/InsecureCookieModuleImpl.classdata */
public class InsecureCookieModuleImpl extends SinkModuleBase implements InsecureCookieModule {
    private Config config;

    @Override // com.datadog.iast.sink.SinkModuleBase, com.datadog.iast.HasDependencies
    public void registerDependencies(@Nonnull HasDependencies.Dependencies dependencies) {
        super.registerDependencies(dependencies);
        this.config = dependencies.getConfig();
    }

    @Override // datadog.trace.api.iast.sink.InsecureCookieModule
    public void onCookie(String str, boolean z) {
        if (z || str == null || str.length() <= 0) {
            return;
        }
        AgentSpan activeSpan = AgentTracer.activeSpan();
        if (this.overheadController.consumeQuota(Operations.REPORT_VULNERABILITY, activeSpan)) {
            report(activeSpan, VulnerabilityType.INSECURE_COOKIE, new Evidence(str));
        }
    }

    @Override // datadog.trace.api.iast.sink.InsecureCookieModule
    public void onCookieHeader(String str) {
        if (null == str) {
            return;
        }
        try {
            for (HttpCookie httpCookie : HttpCookie.parse(str)) {
                if (!httpCookie.getSecure()) {
                    AgentSpan activeSpan = AgentTracer.activeSpan();
                    if (this.overheadController.consumeQuota(Operations.REPORT_VULNERABILITY, activeSpan)) {
                        report(activeSpan, VulnerabilityType.INSECURE_COOKIE, new Evidence(httpCookie.getName()));
                        return;
                    }
                    return;
                }
            }
        } catch (IllegalArgumentException e) {
        }
    }
}
