package com.github.mengweijin.quickboot.framework.filter.xss;

import cn.hutool.core.util.ReUtil;
import cn.hutool.core.util.StrUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:BOOT-INF/lib/quickboot-framework-1.0.36.jar:com/github/mengweijin/quickboot/framework/filter/xss/XssFilter.class */
public class XssFilter implements Filter {
    public static final String ENABLED = "enabled";
    public static final String EXCLUDES = "excludes";
    public List<String> excludes = new ArrayList();
    public boolean enabled = false;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) {
        String initParameter = filterConfig.getInitParameter(ENABLED);
        if (StrUtil.isNotEmpty(initParameter)) {
            this.enabled = Boolean.parseBoolean(initParameter);
        }
        String initParameter2 = filterConfig.getInitParameter(EXCLUDES);
        if (StrUtil.isNotBlank(initParameter2)) {
            this.excludes.addAll(Arrays.asList(initParameter2.split(",")));
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (this.enabled && !isExcludeUrl(httpServletRequest)) {
            servletRequest = new XssHttpServletRequestWrapper(httpServletRequest);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private boolean isExcludeUrl(HttpServletRequest httpServletRequest) {
        return this.excludes.stream().anyMatch(str -> {
            return ReUtil.isMatch("^" + str, httpServletRequest.getServletPath());
        });
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
