package com.tradevan.framework.filter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/* loaded from: input_file:com/tradevan/framework/filter/RequestWrapper.class */
public class RequestWrapper extends HttpServletRequestWrapper {
    public RequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
    }

    public String getQueryString() {
        return cleanXSS(super.getQueryString());
    }

    public String getRequestURI() {
        return cleanXSS(super.getRequestURI());
    }

    public StringBuffer getRequestURL() {
        StringBuffer requestURL = super.getRequestURL();
        if (requestURL != null) {
            requestURL = new StringBuffer(cleanXSS(requestURL.toString()));
        }
        return requestURL;
    }

    public String[] getParameterValues(String str) {
        if (!check(str)) {
            return super.getParameterValues(str);
        }
        String[] parameterValues = super.getParameterValues(str);
        if (parameterValues == null) {
            return null;
        }
        int length = parameterValues.length;
        String[] strArr = new String[length];
        for (int i = 0; i < length; i++) {
            strArr[i] = cleanXSS(parameterValues[i]);
        }
        return strArr;
    }

    public String getParameter(String str) {
        String parameter = super.getParameter(str);
        if (parameter == null) {
            return null;
        }
        return check(str) ? cleanXSS(parameter) : parameter;
    }

    public String getHeader(String str) {
        String header = super.getHeader(str);
        if (header == null) {
            return null;
        }
        return cleanXSS(header);
    }

    private boolean check(String str) {
        for (String str2 : new String[]{"p_p_mode", "p_p_state", "currentURL", "p_p_lifecycle", "p_p_id", "saveLastPath"}) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    private String cleanXSS(String str) {
        return str == null ? str : str.replaceAll("<", "& lt;").replaceAll(">", "& gt;").replaceAll("\\(", "& #40;").replaceAll("\\)", "& #41;").replaceAll("'", "& #39;").replaceAll("eval\\((.*)\\)", "").replaceAll("[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"").replaceAll("script", "");
    }
}
