package cn.undraw.handler.xss;

import cn.undraw.util.servlet.ServletUtils;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.multipart.support.StandardServletMultipartResolver;

@Component
/* loaded from: input_file:cn/undraw/handler/xss/XSSFilter.class */
public class XSSFilter implements Filter {
    FilterConfig filterConfig = null;

    @Value("${cool.core.include:}")
    private String include;

    @Value("${cool.core.exclude:}")
    private String exclude;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        ServletRequest servletRequest2 = (HttpServletRequest) servletRequest;
        if (ServletUtils.isMultipart(servletRequest2)) {
            servletRequest2 = new StandardServletMultipartResolver().resolveMultipart(servletRequest2);
        }
        boolean z = "".equals(this.include) ? false : true;
        if (!"".equals(this.exclude)) {
            String[] split = this.exclude.split(",");
            AntPathMatcher antPathMatcher = new AntPathMatcher();
            String requestURI = servletRequest2.getRequestURI();
            for (String str : split) {
                if (antPathMatcher.match(str, requestURI)) {
                    z = false;
                }
            }
        }
        if (z) {
            filterChain.doFilter(new XssHttpServletRequestWrapper(servletRequest2), servletResponse);
        } else {
            filterChain.doFilter(servletRequest2, servletResponse);
        }
    }

    public void destroy() {
        this.filterConfig = null;
    }
}
