package ru.org.openam.xss;

import java.io.CharArrayWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.commons.lang3.tuple.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ru/org/openam/xss/XSSResponseWrapper.class */
public class XSSResponseWrapper extends HttpServletResponseWrapper {
    static final Logger logger = LoggerFactory.getLogger(XSSResponseWrapper.class.getName());
    XSSFilter filter;
    HttpServletResponse response;
    HttpServletRequest request;
    protected CharArrayWriter charWriter;
    protected PrintWriter writer;
    protected boolean getOutputStreamCalled;
    protected boolean getWriterCalled;

    public XSSResponseWrapper(XSSFilter xSSFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
        this.getOutputStreamCalled = false;
        this.filter = xSSFilter;
        this.response = httpServletResponse;
        this.request = httpServletRequest;
        this.charWriter = new CharArrayWriter();
        for (Pair<String, String> pair : xSSFilter.extraHeaders) {
            boolean z = false;
            if (xSSFilter.iFrameEmbedAllow.size() > 0 && ((String) pair.getKey()).equals("X-Frame-Options")) {
                for (Map.Entry<String, Set<String>> entry : xSSFilter.iFrameEmbedAllow.entrySet()) {
                    if (httpServletRequest.getParameterMap().keySet().contains(entry.getKey()) && entry.getValue().contains(httpServletRequest.getParameter(entry.getKey()))) {
                        z = true;
                    }
                }
            }
            if (!z) {
                addHeader((String) pair.getKey(), (String) pair.getValue());
            }
        }
    }

    public void setHeader(String str, String str2) {
        if (this.filter.hideHeaders.contains(str.toLowerCase())) {
            return;
        }
        getResponse().setHeader(str, str2);
    }

    public void addHeader(String str, String str2) {
        if (this.filter.hideHeaders.contains(str.toLowerCase())) {
            return;
        }
        getResponse().addHeader(str, str2);
    }

    public void sendRedirect(String str) throws IOException {
        if (isCommitted() || getResponse().isCommitted()) {
            return;
        }
        getResponse().setHeader("X-Frame-Options", "");
        getResponse().sendRedirect(XSSRequestWrapper.getSafeURL(this.request, "sendRedirect", str));
    }

    public PrintWriter getWriter() throws IOException {
        return getWriterOverriden();
    }

    public ServletOutputStream getOutputStream() throws IOException {
        if (this.getWriterCalled) {
            throw new IllegalStateException("getWriter already called");
        }
        this.getOutputStreamCalled = true;
        return super.getOutputStream();
    }

    public PrintWriter getWriterOverriden() throws IOException {
        if (this.writer != null) {
            return this.writer;
        }
        if (this.getOutputStreamCalled) {
            throw new IllegalStateException("getOutputStream already called");
        }
        this.getWriterCalled = true;
        this.writer = new PrintWriter(this.charWriter);
        return this.writer;
    }

    public String toString() {
        String str = null;
        if (this.writer != null) {
            str = this.charWriter.toString();
        }
        return str;
    }
}
