package com.jdaz.sinosoftgz.apis.business.app.starter.filter;

import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/* loaded from: input_file:com/jdaz/sinosoftgz/apis/business/app/starter/filter/InjectionAttackWrapper.class */
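/**
 * Request wrapper that strips a fixed set of XSS- and SQL-looking patterns from
 * parameter values, cookie values and the query string before the application
 * reads them.
 *
 * <p><b>Scope and limits (read before relying on this class):</b>
 * <ul>
 *   <li>This is a deny-list. It removes only the sequences spelled out in
 *       {@link #XSS_REGEX} and {@link #SQL_REGEX}; it does not understand HTML,
 *       JavaScript or SQL syntax.</li>
 *   <li>Only {@code getParameter}, {@code getParameterValues},
 *       {@code getParameterMap}, {@code getCookies} and {@code getQueryString}
 *       are overridden here. Headers, the request body streams, parameter
 *       <em>names</em> and path information are passed through by the wrapped
 *       request untouched.</li>
 *   <li>Matches are removed in a single pass and the result is not re-scanned.</li>
 *   <li>Legitimate input containing {@code <}, {@code >}, {@code |}, {@code --},
 *       {@code %3D} and similar sequences is silently altered, which can corrupt
 *       data or signed/encoded values.</li>
 * </ul>
 * Treat it as defense in depth only: the primary controls remain context-aware
 * output encoding for anything rendered into a page and parameterized queries
 * for anything sent to a database.
 */
public class InjectionAttackWrapper extends HttpServletRequestWrapper {
    /** DOM event-handler attribute names, matched case-insensitively inside this group. */
    private static final String EVENTS = "((?i)onload|onunload|onchange|onsubmit|onreset|onselect|onblur|onfocus|onkeydown|onkeypress|onkeyup|onclick|ondblclick|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup)";

    /** Angle brackets, literal or in the percent-encoded spelling used in the pattern. */
    private static final String XSS_HTML_TAG = "(%3C)|(%3E)|[<>]+";

    /**
     * Attribute break-out sequences ({@code %22} followed by a separator and a word
     * character), an event-handler name preceded by whitespace, and the literal
     * sequences {@code %3D} and {@code %7C}. The {@code .*} parts consume the rest
     * of the line, so everything after such a match is removed as well.
     */
    private static final String XSS_INJECTION =
            "((%22%20)|(%22\\s)|('%22)|(%22\\+))\\w.*|(\\s|%20)" + EVENTS + ".*|(%3D)|(%7C)";

    /** Complete XSS deny-list: tag characters plus the injection sequences above. */
    private static final String XSS_REGEX = XSS_HTML_TAG + "|" + XSS_INJECTION;

    /** SQL deny-list: a quote followed later by {@code --}, a bare {@code --}, and the pipe character. */
    private static final String SQL_REGEX = "('.+--)|(--)|(\\|)|(%7C)";

    // Compiled once: String.replaceAll would recompile the expression on every call,
    // and these filters run for every parameter, cookie and query string read.
    private static final Pattern XSS_PATTERN = Pattern.compile(XSS_REGEX);
    private static final Pattern SQL_PATTERN = Pattern.compile(SQL_REGEX);

    boolean filterXss;
    boolean filterSql;

    /**
     * Wraps {@code request} with explicit control over which filters run.
     *
     * @param request   the request to wrap
     * @param filterXss whether the XSS deny-list is applied
     * @param filterSql whether the SQL deny-list is applied
     */
    public InjectionAttackWrapper(HttpServletRequest request, boolean filterXss, boolean filterSql) {
        super(request);
        this.filterXss = filterXss;
        this.filterSql = filterSql;
    }

    /**
     * Wraps {@code request} with both filters enabled.
     *
     * @param request the request to wrap
     */
    public InjectionAttackWrapper(HttpServletRequest request) {
        this(request, true, true);
    }

    /**
     * Returns the filtered value of the named parameter.
     *
     * @param name parameter name (not filtered itself)
     * @return the filtered value, or {@code null} if the wrapped request returns {@code null}
     */
    @Override
    public String getParameter(String name) {
        return filterParamString(super.getParameter(name));
    }

    /**
     * Returns a new map holding filtered copies of every parameter value array.
     * Keys (parameter names) are copied as-is and are NOT filtered.
     *
     * @return a fresh {@link HashMap}; the wrapped request's map is not modified
     */
    @Override
    public Map<String, String[]> getParameterMap() {
        Map<String, String[]> source = super.getParameterMap();
        Map<String, String[]> filtered = new HashMap<>(source.size());
        for (Map.Entry<String, String[]> entry : source.entrySet()) {
            filtered.put(entry.getKey(), filterStringArray(entry.getValue()));
        }
        return filtered;
    }

    /**
     * Filters each element of {@code values} into a new array of the same length.
     *
     * @param values raw values; may be {@code null}
     * @return filtered copy, or {@code null} when {@code values} is {@code null}
     */
    protected String[] filterStringArray(String[] values) {
        // A null array previously caused a NullPointerException here; mirror the
        // null handling of getParameterValues instead.
        if (values == null) {
            return null;
        }
        String[] filtered = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            filtered[i] = filterParamString(values[i]);
        }
        return filtered;
    }

    /**
     * Returns filtered copies of all values of the named parameter.
     *
     * @param name parameter name (not filtered itself)
     * @return filtered values, or {@code null} if the parameter is absent
     */
    @Override
    public String[] getParameterValues(String name) {
        // Shares the null-safe copy loop with getParameterMap.
        return filterStringArray(super.getParameterValues(name));
    }

    /**
     * Removes every match of the enabled deny-lists from {@code value}. XSS
     * patterns are removed first, then SQL patterns; each is a single pass.
     *
     * @param value raw input; may be {@code null}
     * @return the input with matches deleted, or {@code null} for {@code null} input
     */
    protected String filterParamString(String value) {
        if (value == null) {
            return null;
        }
        String result = value;
        // The protected accessors are consulted (not the fields) so subclasses can
        // override the decision per request.
        if (filterXss()) {
            result = XSS_PATTERN.matcher(result).replaceAll("");
        }
        if (filterSql()) {
            result = SQL_PATTERN.matcher(result).replaceAll("");
        }
        return result;
    }

    /**
     * Returns the request's cookies with their values filtered.
     *
     * <p>The {@link Cookie} objects returned by the wrapped request are modified
     * in place via {@code setValue}; cookie names are not filtered. Stripping
     * characters from a cookie value changes it, so values that are signed,
     * encoded or otherwise compared byte-for-byte downstream may stop validating.
     *
     * @return the same array the wrapped request returned, or {@code null}
     */
    @Override
    public Cookie[] getCookies() {
        Cookie[] cookies = super.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                cookie.setValue(filterParamString(cookie.getValue()));
            }
        }
        return cookies;
    }

    /**
     * Returns the query string with deny-list matches removed.
     *
     * <p>The whole string is filtered as one value, so removed sequences such as
     * {@code |} or {@code %3D} can change how it parses afterwards.
     *
     * @return the filtered query string, or {@code null} if there is none
     */
    @Override
    public String getQueryString() {
        return filterParamString(super.getQueryString());
    }

    /** @return whether the XSS deny-list is applied by {@link #filterParamString} */
    protected boolean filterXss() {
        return this.filterXss;
    }

    /** @return whether the SQL deny-list is applied by {@link #filterParamString} */
    protected boolean filterSql() {
        return this.filterSql;
    }
}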
