package top.jpower.jpower.module.configurer.xss;

import java.io.IOException;
import java.util.List;
import javax.annotation.Resource;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import top.jpower.jpower.module.common.utils.Fc;
import top.jpower.jpower.module.common.utils.StringUtil;
import top.jpower.jpower.module.properties.XssProperties;

@EnableConfigurationProperties({XssProperties.class})
@Component
@Order(1)
/* loaded from: input_file:top/jpower/jpower/module/configurer/xss/XssFilter.class */
public class XssFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(XssFilter.class);

    @Resource
    private XssProperties xssProperties;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!this.xssProperties.getEnable().booleanValue()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("xss filter is open");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (handleExcludeURL(httpServletRequest) || handleDefaultExcludeURL(httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            filterChain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) servletRequest, this.xssProperties.getIsIncludeRichText().booleanValue()), servletResponse);
        }
    }

    private boolean handleExcludeURL(HttpServletRequest httpServletRequest) {
        return excludeURL(this.xssProperties.getExcludes(), httpServletRequest);
    }

    private boolean handleDefaultExcludeURL(HttpServletRequest httpServletRequest) {
        return excludeURL(XssProperties.getDefaultExcludes(), httpServletRequest);
    }

    private boolean excludeURL(List<String> list, HttpServletRequest httpServletRequest) {
        if (Fc.isEmpty(list)) {
            return false;
        }
        String servletPath = httpServletRequest.getServletPath();
        for (String str : list) {
            if (Fc.isNotBlank(str) && Fc.isNotBlank(servletPath) && !Fc.equalsValue(servletPath, "/") && StringUtil.wildcardEquals(str, servletPath)) {
                return true;
            }
        }
        return false;
    }
}
