package org.springframework.security.web.firewall;

import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponseWrapper;
import java.io.IOException;
import java.util.function.Supplier;
import org.springframework.util.Assert;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-6.1.1.jar:org/springframework/security/web/firewall/FirewalledResponse.class */
class FirewalledResponse extends HttpServletResponseWrapper {
    private static final String LOCATION_HEADER = "Location";
    private static final String SET_COOKIE_HEADER = "Set-Cookie";

    /* JADX INFO: Access modifiers changed from: package-private */
    public FirewalledResponse(HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
    }

    public void sendRedirect(String str) throws IOException {
        validateCrlf("Location", str);
        super.sendRedirect(str);
    }

    public void setHeader(String str, String str2) {
        validateCrlf(str, str2);
        super.setHeader(str, str2);
    }

    public void addHeader(String str, String str2) {
        validateCrlf(str, str2);
        super.addHeader(str, str2);
    }

    public void addCookie(Cookie cookie) {
        if (cookie != null) {
            validateCrlf("Set-Cookie", cookie.getName());
            validateCrlf("Set-Cookie", cookie.getValue());
            validateCrlf("Set-Cookie", cookie.getPath());
            validateCrlf("Set-Cookie", cookie.getDomain());
            validateCrlf("Set-Cookie", cookie.getComment());
        }
        super.addCookie(cookie);
    }

    void validateCrlf(String str, String str2) {
        Assert.isTrue((hasCrlf(str) || hasCrlf(str2)) ? false : true, (Supplier<String>) () -> {
            return "Invalid characters (CR/LF) in header " + str;
        });
    }

    private boolean hasCrlf(String str) {
        return (str == null || (str.indexOf(10) == -1 && str.indexOf(13) == -1)) ? false : true;
    }
}
