package filters;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:filters/XSSHttpRequestWrapper.class */
public class XSSHttpRequestWrapper extends HttpServletRequestWrapper {
    public XSSHttpRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
    }

    public String getHeader(String str) {
        String header = super.getHeader(str);
        if (XSSSecurityConfig.REPLACE) {
            XSSSecurityManager.securityReplace(str);
        }
        return header;
    }

    private boolean checkHeader() {
        Enumeration headerNames = getHeaderNames();
        while (headerNames.hasMoreElements()) {
            if (XSSSecurityManager.matches(getHeader((String) headerNames.nextElement()))) {
                return true;
            }
        }
        return false;
    }

    private boolean checkParameter() throws UnsupportedEncodingException {
        Map parameterMap = getParameterMap();
        Iterator it = parameterMap.keySet().iterator();
        while (it.hasNext()) {
            Object obj = parameterMap.get((String) it.next());
            if (obj instanceof String) {
                if (XSSSecurityManager.matches(obj.toString())) {
                    return true;
                }
            } else if (obj instanceof String[]) {
                for (String str : (String[]) obj) {
                    if (XSSSecurityManager.matches(str)) {
                        return true;
                    }
                }
            } else {
                continue;
            }
        }
        return false;
    }

    public boolean validateParameter(HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (XSSSecurityConfig.IS_CHECK_HEADER && checkHeader()) {
            return true;
        }
        return XSSSecurityConfig.IS_CHECK_PARAMETER && checkParameter();
    }
}
