package cn.gtmap.surveyplat.common.utils.xss;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:cn/gtmap/surveyplat/common/utils/xss/XssAndSqlFilter.class */
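/**
 * Servlet filter that hands every non-excluded request to the rest of the chain wrapped in
 * {@code XssAndSqlFormDataWrapper} (multipart bodies) or {@code XssAndSqlHttpServletRequestWrapper}
 * (everything else).
 *
 * <p>Paths listed in the {@code excludedPages} init parameter (comma separated) are passed down
 * the chain unwrapped, so each entry removes this filter's protection for the paths it covers.
 * Keep the list short and specific.
 *
 * <p>NOTE(review): both wrapper classes are defined elsewhere; what they actually strip or reject
 * cannot be seen from this class. Handlers behind this filter should still rely on output
 * encoding and parameterized queries rather than on request rewriting alone.
 */
public class XssAndSqlFilter implements Filter {
    // Raw value of the "excludedPages" init parameter, kept as configured.
    private String excludedPages;
    // Trimmed entries of excludedPages; null when the parameter is absent or empty.
    private String[] excludedPageArray;

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Forwards the request unwrapped when its servlet path is excluded, otherwise forwards it
     * inside the wrapper that matches its content type.
     *
     * @param servletRequest incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse response passed through unchanged
     * @param filterChain remainder of the filter chain
     * @throws IOException propagated from the chain
     * @throws ServletException propagated from the chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        if (isExcluded(httpRequest.getServletPath())) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        // Media types are case-insensitive. A case-sensitive comparison would send a request
        // declared as "Multipart/Form-Data" to the non-multipart wrapper even though the
        // container or upload library may still parse it as multipart.
        if (StringUtils.startsWithIgnoreCase(servletRequest.getContentType(), "multipart/form-data")) {
            filterChain.doFilter(new XssAndSqlFormDataWrapper(httpRequest), servletResponse);
        } else {
            filterChain.doFilter(new XssAndSqlHttpServletRequestWrapper(httpRequest), servletResponse);
        }
    }

    /**
     * Reads the comma-separated {@code excludedPages} init parameter and stores its trimmed
     * entries. When the parameter is absent or empty no exclusion list is set.
     *
     * @param filterConfig filter configuration supplied by the container
     * @throws ServletException declared by the {@link Filter} contract; not thrown here
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.excludedPages = filterConfig.getInitParameter("excludedPages");
        if (StringUtils.isEmpty(this.excludedPages)) {
            return;
        }
        String[] patterns = this.excludedPages.split(",");
        for (int i = 0; i < patterns.length; i++) {
            patterns[i] = StringUtils.trim(patterns[i]);
        }
        this.excludedPageArray = patterns;
    }

    /** Returns true when the servlet path matches at least one configured exclusion. */
    private boolean isExcluded(String servletPath) {
        if (this.excludedPageArray == null) {
            return false;
        }
        for (String pattern : this.excludedPageArray) {
            if (validUrl(servletPath, pattern)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tests a servlet path against one exclusion entry.
     *
     * <p>An entry may end in {@code /*}, {@code /**} or {@code /}; the suffix is dropped and the
     * remainder is treated as a directory-style base. The path matches when it equals the base or
     * lies below it ({@code base + "/"}). An entry of {@code /*} or {@code /} therefore excludes
     * every path.
     *
     * @param str servlet path of the current request
     * @param str2 one trimmed entry from the exclusion list
     * @return true when the request must bypass the wrappers
     */
    private boolean validUrl(String str, String str2) {
        // A blank entry (for example from "a,,b" or "a, ,b") must never match: the empty string
        // is a prefix of every path and would switch the filter off for all requests.
        if (str == null || StringUtils.isBlank(str2)) {
            return false;
        }
        String base = str2;
        if (base.endsWith("/**")) {
            base = base.substring(0, base.length() - 3);
        } else if (base.endsWith("/*")) {
            base = base.substring(0, base.length() - 2);
        } else if (base.endsWith("/")) {
            base = base.substring(0, base.length() - 1);
        }
        // Match on whole path segments so that an entry such as "/login" does not also exempt
        // "/login-admin" or the truncated "/logi" (constructed examples).
        return str.equals(base) || str.startsWith(base + "/");
    }
}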
