package com.els.web.filter;

import cn.hutool.core.util.ReUtil;
import java.util.Iterator;
import java.util.regex.Pattern;
import org.dom4j.DocumentException;
import org.dom4j.Element;
import org.dom4j.io.SAXReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/els/web/filter/XSSSecurityManager.class */
public class XSSSecurityManager {
    XSSSecurityConfig securityConfig = new XSSSecurityConfig();
    private static Logger logger = LoggerFactory.getLogger(XSSSecurityManager.class);
    private String REGEX;
    private Pattern XSS_PATTERN;

    public void init(String str) {
        logger.info("XSSSecurityManager init(FilterConfig config) begin");
        try {
            if (initConfig(str)) {
                this.XSS_PATTERN = Pattern.compile(this.REGEX);
            }
        } catch (DocumentException e) {
            logger.error("安全过滤配置文件xss_security_config.xml加载异常", e);
        }
        logger.info("XSSSecurityManager init(FilterConfig config) end");
    }

    public boolean initConfig(String str) throws DocumentException {
        logger.info("XSSSecurityManager.initConfig(String path) begin");
        Element rootElement = new SAXReader().read(str).getRootElement();
        this.securityConfig.IS_CHECK_HEADER = new Boolean(getEleValue(rootElement, XSSSecurityCon.IS_CHECK_HEADER)).booleanValue();
        this.securityConfig.IS_CHECK_PARAMETER = new Boolean(getEleValue(rootElement, XSSSecurityCon.IS_CHECK_PARAMETER)).booleanValue();
        this.securityConfig.IS_LOG = new Boolean(getEleValue(rootElement, XSSSecurityCon.IS_LOG)).booleanValue();
        this.securityConfig.IS_CHAIN = new Boolean(getEleValue(rootElement, XSSSecurityCon.IS_CHAIN)).booleanValue();
        this.securityConfig.REPLACE = new Boolean(getEleValue(rootElement, XSSSecurityCon.REPLACE)).booleanValue();
        Element element = rootElement.element(XSSSecurityCon.REGEX_LIST);
        if (element == null) {
            logger.error("安全过滤配置文件中没有 regexList 属性");
            return false;
        }
        Iterator elementIterator = element.elementIterator();
        StringBuffer stringBuffer = new StringBuffer("^");
        while (elementIterator.hasNext()) {
            stringBuffer.append(((Element) elementIterator.next()).getText().replaceAll("\\\\\\\\", "\\\\"));
            stringBuffer.append("|");
        }
        if (stringBuffer.charAt(stringBuffer.length() - 1) != '|') {
            logger.error("安全过滤配置文件加载失败:正则表达式异常 " + stringBuffer.toString());
            return false;
        }
        this.REGEX = String.valueOf(stringBuffer.substring(0, stringBuffer.length() - 1)) + "$";
        logger.info("安全匹配规则" + this.REGEX);
        logger.info("XSSSecurityManager.initConfig(String path) end");
        return true;
    }

    private static String getEleValue(Element element, String str) {
        if (isNullStr(element.elementText(str))) {
            logger.error("安全过滤配置文件中没有 regexList 属性");
        }
        return element.elementText(str);
    }

    public String securityReplace(String str) {
        if (!isNullStr(str) && ReUtil.isMatch(this.XSS_PATTERN, str)) {
            return ReUtil.replaceAll(str, this.XSS_PATTERN, XSSSecurityCon.REPLACEMENT);
        }
        return str;
    }

    public boolean matches(String str) {
        if (str == null) {
            return false;
        }
        return this.XSS_PATTERN.matcher(str).matches();
    }

    public void destroy() {
        logger.info("XSSSecurityManager.destroy() begin");
        this.XSS_PATTERN = null;
        this.REGEX = null;
        logger.info("XSSSecurityManager.destroy() end");
    }

    public static boolean isNullStr(String str) {
        return str == null || XSSSecurityCon.REPLACEMENT.equals(str.trim());
    }
}
