package com.tradevan.wcommons.filter;

import com.tradevan.commons.collection.ArrayUtil;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/* loaded from: input_file:com/tradevan/wcommons/filter/XssFilterRequestWrapper.class */
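/**
 * Request wrapper that passes selected request values through {@code cleanXSS}
 * before the application reads them.
 *
 * <p>What is rewritten:
 * <ul>
 *   <li>query string, request URI and request URL (enabled by default);</li>
 *   <li>single header values read through {@link #getHeader(String)} (enabled by default);</li>
 *   <li>parameter values, but only for parameter names listed in {@code filterParam}.
 *       The list is empty by default, so no parameter is rewritten until
 *       {@link #setFilterParam(String[])} is called.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This is an input-side deny-list. It does not rewrite {@code "} or {@code &},
 *       so a cleaned value is still not safe to place in an HTML attribute, a script
 *       block or a URL. Context-aware output encoding at render time should be the
 *       primary XSS control; treat this wrapper as defence in depth only.</li>
 *   <li>This class does not override {@code getHeaders}, {@code getParameterNames},
 *       {@code getCookies}, {@code getPathInfo}, {@code getInputStream} or
 *       {@code getReader}; values read through those accessors are passed on
 *       unmodified by this wrapper.</li>
 *   <li>Header rewriting is not limited by name. Any header value containing one of
 *       the rewritten characters or the text {@code script} is altered, which can
 *       change values the application parses rather than displays.</li>
 * </ul>
 *
 * <p>The wrapper keeps plain mutable fields with no synchronization; configure it
 * before handing it to the rest of the filter chain.
 */
public class XssFilterRequestWrapper extends HttpServletRequestWrapper {
    // Parameter names whose values are rewritten; empty means "rewrite none".
    private String[] filterParam;
    // When true, getHeader(String) returns rewritten values.
    private boolean cleanHeader;
    // When true, getQueryString() returns a rewritten value.
    private boolean cleanQueryString;
    // When true, getRequestURI() and getRequestURL() return rewritten values.
    private boolean cleanRequestUri;

    /**
     * Wraps the given request with header, query-string and URI rewriting enabled
     * and with an empty parameter-name list (no parameter is rewritten).
     *
     * @param httpServletRequest the request to wrap
     */
    public XssFilterRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.filterParam = ArrayUtil.EMPTY_STRING_ARRAY;
        this.cleanHeader = true;
        this.cleanQueryString = true;
        this.cleanRequestUri = true;
    }

    /**
     * Returns the query string, rewritten when {@code cleanQueryString} is set.
     *
     * @return the (possibly rewritten) query string, or {@code null} if the request has none
     */
    @Override
    public String getQueryString() {
        String raw = super.getQueryString();
        return this.cleanQueryString ? cleanXSS(raw) : raw;
    }

    /**
     * Returns the request URI, rewritten when {@code cleanRequestUri} is set.
     *
     * @return the (possibly rewritten) request URI
     */
    @Override
    public String getRequestURI() {
        String raw = super.getRequestURI();
        return this.cleanRequestUri ? cleanXSS(raw) : raw;
    }

    /**
     * Returns the request URL, rewritten when {@code cleanRequestUri} is set.
     *
     * @return the (possibly rewritten) request URL; a new buffer when rewriting applied
     */
    @Override
    public StringBuffer getRequestURL() {
        StringBuffer requestURL = super.getRequestURL();
        if (requestURL != null && this.cleanRequestUri) {
            requestURL = new StringBuffer(cleanXSS(requestURL.toString()));
        }
        return requestURL;
    }

    /**
     * Returns all values of a parameter, rewritten when its name is in {@code filterParam}.
     *
     * @param str the parameter name
     * @return the values (a new array when rewriting applied), or {@code null} if absent
     */
    @Override
    public String[] getParameterValues(String str) {
        String[] parameterValues = super.getParameterValues(str);
        return check(str) ? cleanAll(parameterValues) : parameterValues;
    }

    /**
     * Returns the first value of a parameter, rewritten when its name is in {@code filterParam}.
     *
     * @param str the parameter name
     * @return the (possibly rewritten) value, or {@code null} if absent
     */
    @Override
    public String getParameter(String str) {
        String raw = super.getParameter(str);
        return check(str) ? cleanXSS(raw) : raw;
    }

    /**
     * Returns the parameter map with the same per-name rewriting that
     * {@link #getParameterValues(String)} applies.
     *
     * <p>Without this override the map would be handed through untouched, so code
     * that binds parameters from the map would see different values than code that
     * calls {@code getParameter} for the same name.
     *
     * @return the wrapped request's map when nothing needs rewriting, otherwise an
     *         unmodifiable copy in which the listed names carry rewritten values
     */
    @Override
    public Map<String, String[]> getParameterMap() {
        Map<String, String[]> raw = super.getParameterMap();
        if (raw == null || raw.isEmpty()) {
            return raw;
        }
        Map<String, String[]> cleaned = null;
        for (Map.Entry<String, String[]> entry : raw.entrySet()) {
            if (!check(entry.getKey())) {
                continue;
            }
            if (cleaned == null) {
                // Copy lazily so the common "nothing to rewrite" case returns the original map.
                cleaned = new LinkedHashMap<String, String[]>(raw);
            }
            cleaned.put(entry.getKey(), cleanAll(entry.getValue()));
        }
        return cleaned == null ? raw : Collections.unmodifiableMap(cleaned);
    }

    /**
     * Returns a header value, rewritten when {@code cleanHeader} is set.
     *
     * <p>NOTE(review): {@code getHeaders(String)} is not overridden here, so
     * multi-valued header reads are not rewritten. That is left as-is because the
     * rewriting is not restricted by header name and would also alter headers the
     * application parses rather than displays.
     *
     * @param str the header name
     * @return the (possibly rewritten) value, or {@code null} if absent
     */
    @Override
    public String getHeader(String str) {
        String raw = super.getHeader(str);
        return this.cleanHeader ? cleanXSS(raw) : raw;
    }

    /**
     * Tells whether the given parameter name is listed in {@code filterParam}.
     * A {@code null} list, a {@code null} entry or a {@code null} name never matches.
     */
    private boolean check(String str) {
        String[] names = this.filterParam;
        if (names == null || ArrayUtil.isEmpty(names)) {
            return false;
        }
        for (String name : names) {
            // Null-safe: a null entry in the configured list must not throw on every request.
            if (name != null && name.equals(str)) {
                return true;
            }
        }
        return false;
    }

    /** Applies {@code cleanXSS} to every element; returns {@code null} for a {@code null} array. */
    private String[] cleanAll(String[] values) {
        if (values == null) {
            return null;
        }
        String[] result = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            result[i] = cleanXSS(values[i]);
        }
        return result;
    }

    /**
     * Rewrites a value with a fixed sequence of substitutions; {@code null} stays {@code null}.
     *
     * <p>The replacement strings and their order are kept exactly as they were, because
     * data already stored or compared by the application may depend on them.
     *
     * <p>NOTE(review): the inserted strings contain a space ({@code "& lt;"}), so they are
     * not HTML character references and are displayed literally by a browser. Confirm
     * whether that is intentional before changing it.
     */
    private String cleanXSS(String str) {
        if (str == null) {
            return str;
        }
        String out = str;
        // Character rewrites. '"' and '&' are not rewritten here.
        out = out.replaceAll("<", "& lt;");
        out = out.replaceAll(">", "& gt;");
        out = out.replaceAll("\\(", "& #40;");
        out = out.replaceAll("\\)", "& #41;");
        out = out.replaceAll("'", "& #39;");
        // Cannot match any more: every '(' and ')' was rewritten above. Kept so the output
        // stays identical; moving it earlier would start deleting text greedily.
        out = out.replaceAll("eval\\((.*)\\)", "");
        // Single quotes were rewritten above, so only double-quoted occurrences can match.
        // The group is greedy: everything up to the last quote on the same line is dropped.
        out = out.replaceAll("[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        // Case-sensitive, single pass. This also alters ordinary text that merely contains
        // the letters (constructed example: "description" becomes "deion"), so it must not
        // be treated as a reliable control.
        out = out.replaceAll("script", "");
        return out;
    }

    /**
     * @return the configured parameter-name list; this is the internal array, not a copy
     */
    public String[] getFilterParam() {
        return this.filterParam;
    }

    /**
     * Sets the parameter names whose values are rewritten. The array is stored by
     * reference, so later changes made by the caller take effect here as well.
     *
     * @param strArr parameter names to rewrite; {@code null} or empty rewrites none
     */
    public void setFilterParam(String[] strArr) {
        this.filterParam = strArr;
    }

    /** @return whether {@link #getHeader(String)} rewrites values */
    public boolean isCleanHeader() {
        return this.cleanHeader;
    }

    /** @param z {@code true} to rewrite values returned by {@link #getHeader(String)} */
    public void setCleanHeader(boolean z) {
        this.cleanHeader = z;
    }

    /** @return whether {@link #getQueryString()} rewrites its value */
    public boolean isCleanQueryString() {
        return this.cleanQueryString;
    }

    /** @param z {@code true} to rewrite the value returned by {@link #getQueryString()} */
    public void setCleanQueryString(boolean z) {
        this.cleanQueryString = z;
    }

    /** @return whether {@link #getRequestURI()} and {@link #getRequestURL()} rewrite their values */
    public boolean isCleanRequestUri() {
        return this.cleanRequestUri;
    }

    /** @param z {@code true} to rewrite the values returned by {@link #getRequestURI()} and {@link #getRequestURL()} */
    public void setCleanRequestUri(boolean z) {
        this.cleanRequestUri = z;
    }
}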
