package org.directwebremoting;

import org.apache.xml.serializer.SerializerConstants;
import org.displaytag.util.TagConstants;
import org.kuali.rice.krad.util.KRADConstants;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:WEB-INF/lib/dwr-3.0.RC2.jar:org/directwebremoting/Security.class */
public class Security {
    public static String escapeHtml(String str) {
        return str.replace(BeanFactory.FACTORY_BEAN_PREFIX, "&amp;").replace("<", SerializerConstants.ENTITY_LT).replace(TagConstants.TAG_CLOSE, SerializerConstants.ENTITY_GT).replace(KRADConstants.SINGLE_QUOTE, "&apos;").replace("\"", SerializerConstants.ENTITY_QUOT);
    }

    public static String unescapeHtml(String str) {
        return str.replace("&amp;", BeanFactory.FACTORY_BEAN_PREFIX).replace(SerializerConstants.ENTITY_LT, "<").replace(SerializerConstants.ENTITY_GT, TagConstants.TAG_CLOSE).replace("&apos;", KRADConstants.SINGLE_QUOTE).replace(SerializerConstants.ENTITY_QUOT, "\"");
    }

    public static String replaceXmlCharacters(String str) {
        return str.replace(BeanFactory.FACTORY_BEAN_PREFIX, "+").replace("<", "‹").replace(TagConstants.TAG_CLOSE, "›").replace(KRADConstants.SINGLE_QUOTE, "‘").replace("\"", "“");
    }

    public static boolean containsXssRiskyCharacters(String str) {
        return (str.indexOf(38) == -1 && str.indexOf(60) == -1 && str.indexOf(62) == -1 && str.indexOf(39) == -1 && str.indexOf(34) == -1) ? false : true;
    }
}
