package cn.herodotus.engine.assistant.core.utils;

import cn.herodotus.engine.assistant.core.definition.constants.SymbolConstants;
import java.io.IOException;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/herodotus/engine/assistant/core/utils/XssUtils.class */
public class XssUtils {
    private static final Logger log = LoggerFactory.getLogger(XssUtils.class);
    private static volatile XssUtils INSTANCE;
    private final AntiSamy antiSamy;
    private final String nbsp;
    private final String quot;

    private XssUtils() {
        Policy createPolicy = createPolicy();
        this.antiSamy = ObjectUtils.isNotEmpty(createPolicy) ? new AntiSamy(createPolicy) : new AntiSamy();
        this.nbsp = cleanHtml(SymbolConstants.NBSP);
        this.quot = cleanHtml(SymbolConstants.QUOTE);
    }

    private static XssUtils getInstance() {
        if (ObjectUtils.isEmpty(INSTANCE)) {
            synchronized (XssUtils.class) {
                if (ObjectUtils.isEmpty(INSTANCE)) {
                    INSTANCE = new XssUtils();
                }
            }
        }
        return INSTANCE;
    }

    private Policy createPolicy() {
        try {
            return Policy.getInstance(ResourceUtils.getURL("classpath:antisamy/antisamy-anythinggoes.xml"));
        } catch (IOException | PolicyException e) {
            log.warn("[Herodotus] |- Antisamy create policy error! {}", e.getMessage());
            return null;
        }
    }

    private CleanResults scan(String str) throws ScanException, PolicyException {
        return this.antiSamy.scan(str);
    }

    private String cleanHtml(String str) {
        try {
            log.trace("[Herodotus] |- Before Antisamy Scan, value is: [{}]", str);
            String cleanHTML = scan(str).getCleanHTML();
            log.trace("[Herodotus] |- After  Antisamy Scan, value is: [{}]", cleanHTML);
            return cleanHTML;
        } catch (ScanException | PolicyException e) {
            log.error("[Herodotus] |- Antisamy scan catch error! {}", e.getMessage());
            return str;
        }
    }

    public static String cleaning(String str) {
        String replaceAll = StringEscapeUtils.unescapeHtml4(getInstance().cleanHtml(str)).replaceAll(getInstance().nbsp, SymbolConstants.BLANK).replaceAll(getInstance().quot, SymbolConstants.QUOTE).replaceAll(SymbolConstants.NEW_LINE, SymbolConstants.BLANK);
        log.trace("[Herodotus] |- After  Antisamy Well Formed, value is: [{}]", replaceAll);
        return replaceAll;
    }
}
