package com.codesnippets4all.xss.request;

import com.codesnippets4all.xss.config.handlers.XSSConfigHandler;
import com.codesnippets4all.xss.exceptions.XSSFilterRuntimeException;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/codesnippets4all/xss/request/XSSAttacksPreventionRequestWrapper.class */
public class XSSAttacksPreventionRequestWrapper extends HttpServletRequestWrapper {
    private HttpServletRequest request;
    private HttpServletResponse response;
    private String attackAction;

    public XSSAttacksPreventionRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.request = null;
        this.response = null;
        this.attackAction = null;
        this.request = httpServletRequest;
    }

    public void setResponse(HttpServletResponse httpServletResponse) {
        this.response = httpServletResponse;
    }

    public void setAttackAction(String str) {
        this.attackAction = str;
    }

    public String[] getParameterValues(String str) {
        String[] parameterValues = this.request.getParameterValues(str);
        if (parameterValues == null) {
            return null;
        }
        List<String> parameters = XSSConfigHandler.getInstance().getParameters();
        if (parameters != null && !parameters.isEmpty() && Collections.binarySearch(parameters, str) < 0) {
            return parameterValues;
        }
        String[] strArr = new String[parameterValues.length];
        for (int i = 0; i < parameterValues.length; i++) {
            strArr[i] = applyAction(parameterValues[i]);
        }
        return strArr;
    }

    public String getParameter(String str) {
        String parameter = this.request.getParameter(str);
        List<String> parameters = XSSConfigHandler.getInstance().getParameters();
        return (parameters == null || parameters.isEmpty() || Collections.binarySearch(parameters, str) >= 0) ? applyAction(parameter) : parameter;
    }

    public String getHeader(String str) {
        String header = this.request.getHeader(str);
        List<String> headers = XSSConfigHandler.getInstance().getHeaders();
        return (headers == null || headers.isEmpty() || Collections.binarySearch(headers, str) >= 0) ? applyAction(header) : header;
    }

    private String applyAction(String str) {
        if (str != null) {
            Iterator<Pattern> it = XSSConfigHandler.getInstance().getPatterns().iterator();
            while (it.hasNext()) {
                Matcher matcher = it.next().matcher(str);
                if (matcher.find()) {
                    if (this.attackAction.equals("cleanup")) {
                        str = matcher.replaceAll("");
                    } else {
                        try {
                            this.request.getRequestDispatcher(this.attackAction).forward(this.request, this.response);
                        } catch (ServletException e) {
                            throw new XSSFilterRuntimeException(e);
                        } catch (IOException e2) {
                            throw new XSSFilterRuntimeException(e2);
                        }
                    }
                }
            }
        }
        return str;
    }
}
