package cn.acyou.leo.framework.xss;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.util.ContentCachingResponseWrapper;

/* loaded from: input_file:cn/acyou/leo/framework/xss/XssFilter.class */
public class XssFilter implements Filter {
    public List<String> excludes = new ArrayList();
    public boolean enabled = true;
    private AntPathMatcher pathMatcher = new AntPathMatcher();

    public void init(FilterConfig filterConfig) {
        String initParameter = filterConfig.getInitParameter("excludes");
        String initParameter2 = filterConfig.getInitParameter("enabled");
        if (StringUtils.hasText(initParameter)) {
            this.excludes.addAll(Arrays.asList(initParameter.split(cn.acyou.leo.framework.util.StringUtils.COMMA)));
        }
        if (StringUtils.hasText(initParameter2)) {
            this.enabled = Boolean.parseBoolean(initParameter2);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (handleExcludeURL((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        XssHttpServletRequestWrapper xssHttpServletRequestWrapper = new XssHttpServletRequestWrapper((HttpServletRequest) servletRequest);
        ContentCachingResponseWrapper contentCachingResponseWrapper = new ContentCachingResponseWrapper((HttpServletResponse) servletResponse);
        filterChain.doFilter(xssHttpServletRequestWrapper, contentCachingResponseWrapper);
        contentCachingResponseWrapper.copyBodyToResponse();
    }

    private boolean handleExcludeURL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest.getRequestURI().contains("socket") || !this.enabled) {
            return true;
        }
        if (this.excludes == null || this.excludes.isEmpty()) {
            return false;
        }
        String servletPath = httpServletRequest.getServletPath();
        Iterator<String> it = this.excludes.iterator();
        while (it.hasNext()) {
            if (this.pathMatcher.match(it.next(), servletPath)) {
                return true;
            }
        }
        return false;
    }

    public void destroy() {
    }
}
