package gov.nasa.pds.search.util;

import java.net.URLDecoder;
import java.util.regex.Pattern;

/* loaded from: input_file:gov/nasa/pds/search/util/XssUtils.class */
public class XssUtils {
    private static Pattern[] xssPatterns = {Pattern.compile("<script>(.*?)</script>", 2), Pattern.compile("src[\r\n]*=[\r\n]*\\'(.*?)\\'", 42), Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", 42), Pattern.compile("</script>", 2), Pattern.compile("<script(.*?)>", 42), Pattern.compile("eval\\((.*?)\\)", 42), Pattern.compile("expression\\((.*?)\\)", 42), Pattern.compile("javascript:", 2), Pattern.compile("vbscript:", 2), Pattern.compile("onload(.*?)=", 42), Pattern.compile("alert\\((.*?)\\)", 42)};

    private XssUtils() {
    }

    public static String clean(String str) {
        if (str != null) {
            str = str.replaceAll("��", "");
            for (Pattern pattern : xssPatterns) {
                str = pattern.matcher(str).replaceAll("");
            }
            char[] cArr = {'|', ';', '$', '@', '\'', '\"', '<', '>', ',', '\\', '\r', '\n', '\b'};
            try {
                String decode = URLDecoder.decode(str);
                for (char c : cArr) {
                    if (decode.indexOf(c) >= 0) {
                        str = "";
                    }
                }
            } catch (IllegalArgumentException e) {
                str = "";
            }
        }
        return str;
    }
}
