package cn.gtmap.realestate.core.support.spring;

import cn.gtmap.realestate.util.XssShieldUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:WEB-INF/classes/cn/gtmap/realestate/core/support/spring/XssHttpServletRequestWrapper.class */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
    }

    @Override // javax.servlet.ServletRequestWrapper, javax.servlet.ServletRequest
    public String getParameter(String str) {
        return XssShieldUtils.stripXss(super.getParameter(XssShieldUtils.stripXss(str)));
    }

    @Override // javax.servlet.ServletRequestWrapper, javax.servlet.ServletRequest
    public String[] getParameterValues(String str) {
        String[] parameterValues = super.getParameterValues(XssShieldUtils.stripXss(str));
        if (parameterValues != null) {
            for (int i = 0; i < parameterValues.length; i++) {
                parameterValues[i] = XssShieldUtils.stripXss(parameterValues[i]);
            }
        }
        return parameterValues;
    }

    @Override // javax.servlet.ServletRequestWrapper, javax.servlet.ServletRequest
    public ServletInputStream getInputStream() throws IOException {
        if (!"application/json".equalsIgnoreCase(super.getHeader("Content-Type"))) {
            return super.getInputStream();
        }
        String iOUtils = IOUtils.toString(super.getInputStream(), "utf-8");
        if (StringUtils.isBlank(iOUtils)) {
            return super.getInputStream();
        }
        final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(XssShieldUtils.stripXss(iOUtils).getBytes("utf-8"));
        return new ServletInputStream() { // from class: cn.gtmap.realestate.core.support.spring.XssHttpServletRequestWrapper.1
            @Override // java.io.InputStream
            public int read() throws IOException {
                return byteArrayInputStream.read();
            }
        };
    }
}
