package cn.gtmap.surveyplat.common.utils.xss;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.util.MultiValueMap;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;
import org.springframework.web.multipart.commons.CommonsMultipartResolver;

/* loaded from: input_file:cn/gtmap/surveyplat/common/utils/xss/XssAndSqlFormDataWrapper.class */
public class XssAndSqlFormDataWrapper extends HttpServletRequestWrapper implements MultipartHttpServletRequest {
    private Map<String, String[]> params;
    private MultipartHttpServletRequest multReq;

    public XssAndSqlFormDataWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.params = new HashMap();
        this.multReq = new CommonsMultipartResolver().resolveMultipart(httpServletRequest);
        this.params.putAll(this.multReq.getParameterMap());
    }

    public Map<String, MultipartFile> getFileMap() {
        return this.multReq.getFileMap();
    }

    public MultiValueMap<String, MultipartFile> getMultiFileMap() {
        return this.multReq.getMultiFileMap();
    }

    public String getMultipartContentType(String str) {
        return this.multReq.getMultipartContentType(str);
    }

    public Iterator<String> getFileNames() {
        return this.multReq.getFileNames();
    }

    public MultipartFile getFile(String str) {
        return this.multReq.getFile(str);
    }

    public List<MultipartFile> getFiles(String str) {
        return this.multReq.getFiles(str);
    }

    public String[] getParameterValues(String str) {
        if (this.multReq.getFile(str) != null) {
            return null;
        }
        try {
            return new String[]{clearXss(new String(this.params.get(str)[0].getBytes("ISO-8859-1"), "UTF-8"))};
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public Enumeration<String> getParameterNames() {
        HashMap hashMap = new HashMap();
        hashMap.putAll(super.getParameterMap());
        hashMap.putAll(getFileMap());
        return Collections.enumeration(hashMap.keySet());
    }

    public String getParameter(String str) {
        String[] strArr = this.params.get(str);
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        return strArr[0];
    }

    public void addParameter(String str, Object obj) {
        if (obj != null) {
            if (obj instanceof String[]) {
                this.params.put(str, (String[]) obj);
            } else if (obj instanceof String) {
                this.params.put(str, new String[]{(String) obj});
            } else {
                this.params.put(str, new String[]{String.valueOf(obj)});
            }
        }
    }

    public BufferedReader getReader() throws IOException {
        return this.multReq.getReader();
    }

    public ServletInputStream getInputStream() throws IOException {
        return this.multReq.getInputStream();
    }

    public HttpMethod getRequestMethod() {
        return this.multReq.getRequestMethod();
    }

    public HttpHeaders getRequestHeaders() {
        return this.multReq.getRequestHeaders();
    }

    public HttpHeaders getMultipartHeaders(String str) {
        return this.multReq.getMultipartHeaders(str);
    }

    private String clearXss(String str) {
        return StringUtils.isEmpty(str) ? str : XssFilterUtil.stripXss(str, getRequest());
    }

    private static String xssEncode(String str) {
        return (str == null || str.isEmpty()) ? str : str.replaceAll("eval\\((.*)\\)", "").replaceAll("<", "&lt;").replaceAll(">", "&gt;").replaceAll("'", "&apos;").replaceAll("[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"").replaceAll("(?i)<script.*?>.*?<script.*?>", "").replaceAll("(?i)<script.*?>.*?</script.*?>", "").replaceAll("(?i)<.*?javascript:.*?>.*?</.*?>", "").replaceAll("(?i)<.*?\\s+on.*?>.*?</.*?>", "");
    }
}
