package com.fr.chart.web;

import com.fr.base.DeprecatedChartWebUtils;
import com.fr.base.chart.BaseChartPainter;
import com.fr.base.chart.WebChartCacheSource;
import com.fr.json.JSONObject;
import com.fr.stable.StringUtils;
import com.fr.web.RepositoryDeal;
import com.fr.web.core.ActionNoSessionCMD;
import com.fr.web.core.ErrorHandlerHelper;
import com.fr.web.core.SessionPoolManager;
import com.fr.web.core.TemplateSessionIDInfo;
import com.fr.web.utils.WebUtils;
import java.io.PrintWriter;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:fine-report-engine-10.0.jar:com/fr/chart/web/ChartWriteHtmlAction.class */
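/**
 * Handles the {@code writer_out_html} command: builds the attribute configuration of a cached
 * chart painter as JSON, echoes the request's {@code chartID} parameter into it after
 * filtering, and writes the result to the HTTP response.
 */
public class ChartWriteHtmlAction extends ActionNoSessionCMD {
    /**
     * Block-list applied by {@link #replaceString4Xss(String)}.
     *
     * <p>Compiled once instead of on every call. Matching is case-insensitive because HTML tag,
     * attribute and event-handler names are case-insensitive, so a lower-case-only list does not
     * cover mixed-case input. {@code onmouseout} is added next to the original (misspelled)
     * {@code onmouserout} entry, which is kept so that nothing the old list removed is now
     * allowed through.
     */
    private static final Pattern XSS_BLOCKLIST = Pattern.compile(
            "[/<>=\"'\\\\]|onerror|onkeyup|onclick|oncomplete|onload|onmouseover|onmouserout|onmouseout"
                    + "|onabort|onblur|onchange|ondblclick|onfocus|onkeydown|onkeypress|onmousedown|onmouseup"
                    + "|onreset|onresize|onselect|onsubmit|onunload|javas cript|script|frame|src|cookie|style"
                    + "|expression",
            Pattern.CASE_INSENSITIVE);

    /**
     * Returns the command name this action is registered under.
     *
     * @return the constant {@code "writer_out_html"}
     */
    @Override // com.fr.stable.web.RequestCMDReceiver
    public String getCMD() {
        return "writer_out_html";
    }

    /**
     * Writes the chart attribute configuration for the given session as JSON.
     *
     * <p>If no {@link TemplateSessionIDInfo} exists for {@code str}, an error is reported through
     * the error handler and nothing else is written.
     *
     * @param httpServletRequest  request carrying the chart identification parameters
     * @param httpServletResponse response the JSON is written to
     * @param str                 session ID supplied with the request
     * @throws Exception propagated from session lookup, chart painter or response writing
     */
    @Override // com.fr.web.core.ActionNoSessionCMD, com.fr.stable.web.RequestCMDReceiver
    public void actionCMD(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws Exception {
        TemplateSessionIDInfo templateSessionIDInfo = (TemplateSessionIDInfo) SessionPoolManager.getSessionIDInfor(str, TemplateSessionIDInfo.class);
        if (templateSessionIDInfo == null) {
            // NOTE(review): the caller-supplied session ID is concatenated into the error text
            // unfiltered. How the error handler renders this message is not visible here —
            // confirm it encodes the text before writing it into a page.
            ErrorHandlerHelper.getErrorHandler().error(httpServletRequest, httpServletResponse, "cmd: \"" + getCMD() + "\", SessionID: \"" + str + "\" not exist.");
            return;
        }
        BaseChartPainter chartPainter = WebChartCacheSource.getChartPainter(str, DeprecatedChartWebUtils.createWebChartIDInfo(httpServletRequest));
        chartPainter.recordWebPreview();
        JSONObject createAttributeConfig = chartPainter.createAttributeConfig(new RepositoryDeal(httpServletRequest, templateSessionIDInfo));
        // chartID comes straight from the request and is reflected into the response, so it is
        // filtered first. NOTE(review): a block-list is a weak control; if chart IDs have a fixed
        // format, validating against that format (allow-list) would be sturdier — confirm format.
        createAttributeConfig.put("chartID", replaceString4Xss(WebUtils.getHTTPRequestParameter(httpServletRequest, "chartID")));
        // try-with-resources closes the writer even when print() or flush() throws.
        try (PrintWriter createPrintWriter = WebUtils.createPrintWriter(httpServletResponse)) {
            createPrintWriter.print(createAttributeConfig);
            createPrintWriter.flush();
        }
    }

    /**
     * Removes markup metacharacters and a block-list of script-related keywords from a string
     * that will be reflected to the client.
     *
     * <p>The filter is applied repeatedly until the value stops changing. A single pass is not
     * sufficient: deleting a match can join the text on either side of it into a new blocked
     * token, which a one-shot {@code replaceAll} would leave in the output. Every pass that
     * changes the value shortens it, so the loop always terminates.
     *
     * <p>This is output filtering by deny-list and should not be the only defence; the consumer
     * of the value should still encode it for the context it is written into.
     *
     * @param str the untrusted value, may be {@code null}
     * @return the filtered value, or {@code ""} when {@code str} is {@code null} or empty
     */
    public static String replaceString4Xss(String str) {
        if (StringUtils.isEmpty(str)) {
            return "";
        }
        String filtered = str;
        String previous;
        do {
            previous = filtered;
            filtered = XSS_BLOCKLIST.matcher(previous).replaceAll("");
        } while (!filtered.equals(previous));
        return filtered;
    }
}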
