package com.qjsoft.laser.controller.springmvc.util;

import com.yqbsoft.laser.service.suppercore.log.SupperLogUtil;
import java.net.URLDecoder;
import java.util.regex.Pattern;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.safety.Whitelist;

/* loaded from: input_file:com/qjsoft/laser/controller/springmvc/util/JsoupUtil.class */
public class JsoupUtil {
    private static SupperLogUtil logger = new SupperLogUtil(JsoupUtil.class);
    private static final Whitelist whitelist = Whitelist.basicWithImages();
    private static final Document.OutputSettings outputSettings = new Document.OutputSettings().prettyPrint(false);

    public static String clean1(String str) {
        return Jsoup.clean(str, "", whitelist, outputSettings);
    }

    public static String stripXSSAndSql(String str) {
        if (str != null) {
            str = Pattern.compile(">", 40).matcher(Pattern.compile("<", 40).matcher(Pattern.compile("confirm(.*?)", 42).matcher(Pattern.compile("alert(.*?)", 42).matcher(Pattern.compile("(<(script|iframe|embed|frame|frameset|object|img|applet|body|html|style|layer|link|ilayer|meta|bgsound))").matcher(Pattern.compile("onfocus(.*?)", 42).matcher(Pattern.compile("onclick(.*?)=", 42).matcher(Pattern.compile("onerror(.*?)=", 42).matcher(Pattern.compile("onload(.*?)=", 42).matcher(Pattern.compile("vbscript[\r\n| | ]*:[\r\n| | ]*", 2).matcher(Pattern.compile("javascript[\r\n| | ]*:[\r\n| | ]*", 2).matcher(Pattern.compile("e-xpression\\((.*?)\\)", 42).matcher(Pattern.compile("eval\\((.*?)\\)", 42).matcher(Pattern.compile("<[\r\n| | ]*script(.*?)>", 42).matcher(Pattern.compile("</[\r\n| | ]*script[\r\n| | ]*>", 2).matcher(Pattern.compile("src[\r\n| | ]*=[\r\n| | ]*[\\\"|\\'](.*?)[\\\"|\\']", 42).matcher(Pattern.compile("<[\r\n| | ]iframe[\r\n| | ]*>(.*?)</[\r\n| | ]iframe[\r\n| | ]*>", 2).matcher(Pattern.compile("<[\r\n| | ]*script[\r\n| | ]*>(.*?)</[\r\n| | ]*script[\r\n| | ]*>", 2).matcher(Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", 42).matcher(Pattern.compile("src[\r\n]*=[\r\n]*\\'(.*?)\\'", 42).matcher(Pattern.compile("<script>(.*?)</script>", 2).matcher(str).replaceAll(" ")).replaceAll(" ")).replaceAll(" ")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("rel=")).replaceAll(" ")).replaceAll(" ")).replaceAll(" ")).replaceAll(" ")).replaceAll(" ")).replaceAll(" ");
        }
        return str;
    }

    public static String clean(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        try {
            str = URLDecoder.decode(str.replaceAll("%(?![0-9a-fA-F]{2})", "%25").replaceAll("\\+", "%2B"), "utf-8");
        } catch (Exception e) {
        }
        String stripXSSAndSql = stripXSSAndSql(str);
        StringBuilder sb = new StringBuilder(stripXSSAndSql.length() + 16);
        for (int i = 0; i < stripXSSAndSql.length(); i++) {
            char charAt = stripXSSAndSql.charAt(i);
            switch (charAt) {
                case '#':
                    sb.append("＃");
                    break;
                case '&':
                    sb.append("＆");
                    break;
                case '<':
                    sb.append("＜");
                    break;
                case '>':
                    sb.append("＞");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    static {
        whitelist.addAttributes(":all", new String[]{"style"});
    }
}
