package com.kg.core.xss;

import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:com/kg/core/xss/XssFilter.class */
public class XssFilter implements Filter {
    public void init(FilterConfig filterConfig) {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String removeCtx = removeCtx(httpServletRequest.getRequestURI(), httpServletRequest.getContextPath());
        boolean z = false;
        if (StringUtils.hasText(removeCtx) && XssConstant.XSS_INGORE_URL_LIST.length > 0) {
            String[] strArr = XssConstant.XSS_INGORE_URL_LIST;
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = strArr[i];
                if (str.indexOf("**") >= 0) {
                    if (Pattern.compile("^" + str.replace("**", ".*")).matcher(removeCtx).find()) {
                        z = true;
                        break;
                    }
                    i++;
                } else {
                    if (str.trim().equals(removeCtx)) {
                        z = true;
                        break;
                    }
                    i++;
                }
            }
        }
        String header = httpServletRequest.getHeader("Content-Type");
        if (z || (header != null && header.toLowerCase().contains("multipart/form-data"))) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            filterChain.doFilter(new XssHttpServletRequestWrapper(httpServletRequest), servletResponse);
        }
    }

    public void destroy() {
    }

    private static String removeCtx(String str, String str2) {
        String trim = str.trim();
        if (!StringUtils.hasText(str2)) {
            return trim;
        }
        if (!StringUtils.hasText(trim)) {
            return "";
        }
        if (trim.startsWith(str2)) {
            trim = trim.replaceFirst(str2, "");
        }
        return trim;
    }
}
