package cn.gtmap.gtc.starter.gcas.xss;

import cn.gtmap.gtc.starter.gcas.util.ClientIpUtils;
import java.io.IOException;
import java.util.Collection;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:BOOT-INF/lib/gtmap-cloud-app-starter-2.1.0.jar:cn/gtmap/gtc/starter/gcas/xss/XssFilter.class */
public class XssFilter extends OncePerRequestFilter {
    private final Collection<String> urls;
    private final Collection<String> excludes;
    private final boolean json;
    private PathMatcher pathMatcher = new AntPathMatcher();
    private UrlPathHelper urlPathHelper = new UrlPathHelper();

    public XssFilter(String str, boolean z, String str2) {
        this.urls = StringUtils.commaDelimitedListToSet(StringUtils.isEmpty(str) ? "/**" : str);
        this.json = z;
        this.excludes = StringUtils.commaDelimitedListToSet(str2);
    }

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String lookupPathForRequest = this.urlPathHelper.getLookupPathForRequest(httpServletRequest);
        if (ClientIpUtils.matchUrl(this.pathMatcher, this.excludes, lookupPathForRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else if (ClientIpUtils.matchUrl(this.pathMatcher, this.urls, lookupPathForRequest)) {
            filterChain.doFilter(new XssHttpServletRequestWrapper(httpServletRequest, this.json), httpServletResponse);
        } else {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }
}
