package com.hccake.ballcat.common.xss.core;

import cn.hutool.core.util.StrUtil;
import com.hccake.ballcat.common.xss.cleaner.XssCleaner;
import com.hccake.ballcat.common.xss.config.XssProperties;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/hccake/ballcat/common/xss/core/XssFilter.class */
public class XssFilter extends OncePerRequestFilter {
    private final XssProperties xssProperties;
    private final XssCleaner xssCleaner;
    private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        XssStateHolder.open();
        try {
            filterChain.doFilter(new XssRequestWrapper(httpServletRequest, this.xssCleaner), httpServletResponse);
        } finally {
            XssStateHolder.remove();
        }
    }

    protected boolean shouldNotFilter(HttpServletRequest httpServletRequest) throws ServletException {
        if (!this.xssProperties.isEnabled() || !StrUtil.equalsAnyIgnoreCase(httpServletRequest.getMethod(), (CharSequence[]) this.xssProperties.getIncludeHttpMethods().toArray(new String[0]))) {
            return true;
        }
        String requestURI = httpServletRequest.getRequestURI();
        Iterator<String> it = this.xssProperties.getExcludePaths().iterator();
        while (it.hasNext()) {
            if (ANT_PATH_MATCHER.match(it.next(), requestURI)) {
                return true;
            }
        }
        Iterator<String> it2 = this.xssProperties.getIncludePaths().iterator();
        while (it2.hasNext()) {
            if (ANT_PATH_MATCHER.match(it2.next(), requestURI)) {
                return false;
            }
        }
        return false;
    }

    public XssFilter(XssProperties xssProperties, XssCleaner xssCleaner) {
        this.xssProperties = xssProperties;
        this.xssCleaner = xssCleaner;
    }
}
