package org.apache.shiro.web.filter;

import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.stream.Stream;
import org.apache.jena.atlas.lib.Chars;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:WEB-INF/lib/shiro-web-1.13.0-jakarta.jar:org/apache/shiro/web/filter/InvalidRequestFilter.class */
public class InvalidRequestFilter extends AccessControlFilter {
    private static final List<String> SEMICOLON = Collections.unmodifiableList(Arrays.asList(";", "%3b", "%3B"));
    private static final List<String> BACKSLASH = Collections.unmodifiableList(Arrays.asList(Chars.S_RSLASH, "%5c", "%5C"));
    private static final List<String> FORWARDSLASH = Collections.unmodifiableList(Arrays.asList("%2f", "%2F"));
    private static final List<String> PERIOD = Collections.unmodifiableList(Arrays.asList("%2e", "%2E"));
    private boolean blockSemicolon = true;
    private boolean blockBackslash;
    private boolean blockNonAscii;
    private boolean blockTraversal;
    private boolean blockEncodedPeriod;
    private boolean blockEncodedForwardSlash;
    private boolean blockRewriteTraversal;

    public InvalidRequestFilter() {
        this.blockBackslash = !Boolean.getBoolean(WebUtils.ALLOW_BACKSLASH);
        this.blockNonAscii = true;
        this.blockTraversal = true;
        this.blockEncodedPeriod = true;
        this.blockEncodedForwardSlash = true;
        this.blockRewriteTraversal = true;
    }

    @Override // org.apache.shiro.web.filter.AccessControlFilter
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        return isValid(http.getRequestURI()) && isValid(http.getServletPath()) && isValid(http.getPathInfo());
    }

    private boolean isValid(String str) {
        return (StringUtils.hasText(str) && (containsSemicolon(str) || containsBackslash(str) || containsNonAsciiCharacters(str) || containsTraversal(str) || containsEncodedPeriods(str) || containsEncodedForwardSlash(str))) ? false : true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.AccessControlFilter
    public boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        WebUtils.toHttp(servletResponse).sendError(400, "Invalid request");
        return false;
    }

    private boolean containsSemicolon(String str) {
        if (!isBlockSemicolon()) {
            return false;
        }
        Stream<String> stream = SEMICOLON.stream();
        str.getClass();
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private boolean containsBackslash(String str) {
        if (!isBlockBackslash()) {
            return false;
        }
        Stream<String> stream = BACKSLASH.stream();
        str.getClass();
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private boolean containsNonAsciiCharacters(String str) {
        return isBlockNonAscii() && !containsOnlyPrintableAsciiCharacters(str);
    }

    private static boolean containsOnlyPrintableAsciiCharacters(String str) {
        int length = str.length();
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            if (charAt < ' ' || charAt > '~') {
                return false;
            }
        }
        return true;
    }

    private boolean containsTraversal(String str) {
        if (!isBlockTraversal()) {
            return false;
        }
        if (isNormalized(str)) {
            if (isBlockRewriteTraversal()) {
                Stream of = Stream.of((Object[]) new String[]{"/..;", "/.;"});
                str.getClass();
                if (of.anyMatch((v1) -> {
                    return r1.contains(v1);
                })) {
                }
            }
            return false;
        }
        return true;
    }

    private boolean containsEncodedPeriods(String str) {
        if (!isBlockEncodedPeriod()) {
            return false;
        }
        Stream<String> stream = PERIOD.stream();
        str.getClass();
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private boolean containsEncodedForwardSlash(String str) {
        if (!isBlockEncodedForwardSlash()) {
            return false;
        }
        Stream<String> stream = FORWARDSLASH.stream();
        str.getClass();
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private boolean isNormalized(String str) {
        if (str == null) {
            return true;
        }
        int length = str.length();
        while (true) {
            int i = length;
            if (i <= 0) {
                return true;
            }
            int lastIndexOf = str.lastIndexOf(47, i - 1);
            int i2 = i - lastIndexOf;
            if (i2 == 2 && str.charAt(lastIndexOf + 1) == '.') {
                return false;
            }
            if (i2 == 3 && str.charAt(lastIndexOf + 1) == '.' && str.charAt(lastIndexOf + 2) == '.') {
                return false;
            }
            length = lastIndexOf;
        }
    }

    public boolean isBlockSemicolon() {
        return this.blockSemicolon;
    }

    public void setBlockSemicolon(boolean z) {
        this.blockSemicolon = z;
    }

    public boolean isBlockBackslash() {
        return this.blockBackslash;
    }

    public void setBlockBackslash(boolean z) {
        this.blockBackslash = z;
    }

    public boolean isBlockNonAscii() {
        return this.blockNonAscii;
    }

    public void setBlockNonAscii(boolean z) {
        this.blockNonAscii = z;
    }

    public boolean isBlockTraversal() {
        return this.blockTraversal;
    }

    public void setBlockTraversal(boolean z) {
        this.blockTraversal = z;
    }

    public boolean isBlockEncodedPeriod() {
        return this.blockEncodedPeriod;
    }

    public void setBlockEncodedPeriod(boolean z) {
        this.blockEncodedPeriod = z;
    }

    public boolean isBlockEncodedForwardSlash() {
        return this.blockEncodedForwardSlash;
    }

    public void setBlockEncodedForwardSlash(boolean z) {
        this.blockEncodedForwardSlash = z;
    }

    public boolean isBlockRewriteTraversal() {
        return this.blockRewriteTraversal;
    }

    public void setBlockRewriteTraversal(boolean z) {
        this.blockRewriteTraversal = z;
    }
}
