package com.ofpay.rex.security;

import com.ofpay.rex.security.validation.ValidationException;
import com.ofpay.rex.security.validation.ValidationPattern;
import com.ofpay.rex.util.HTMLEscapeUtil;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.ArrayUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/ofpay/rex/security/XssHttpServletRequestWrapper.class */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    private static final Logger logger = LoggerFactory.getLogger(XssHttpServletRequestWrapper.class);
    private int paramNameSize;
    private int paramValueSize;
    private String[] excludeFields;

    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest, String[] strArr) {
        super(httpServletRequest);
        this.paramNameSize = 150;
        this.paramValueSize = 2000;
        this.excludeFields = strArr;
    }

    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest, String[] strArr, Integer num, Integer num2) {
        super(httpServletRequest);
        this.paramNameSize = 150;
        this.paramValueSize = 2000;
        this.excludeFields = strArr;
        if (null != num) {
            this.paramNameSize = num.intValue();
        }
        if (null != num2) {
            this.paramValueSize = num2.intValue();
        }
    }

    public String getContextPath() {
        String contextPath = super.getContextPath();
        if (contextPath == null || "".equals(contextPath.trim())) {
            return "";
        }
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP context path: " + contextPath, contextPath, "HTTPContextPath", 150, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad ContextPath", e);
        }
        return str;
    }

    public Cookie[] getCookies() {
        Cookie[] cookies = super.getCookies();
        if (cookies == null) {
            return new Cookie[0];
        }
        ArrayList arrayList = new ArrayList();
        for (Cookie cookie : cookies) {
            try {
                String validInput = ValidationPattern.getValidInput("Cookie name: " + cookie.getName(), cookie.getName(), "HTTPCookieName", 150, true);
                String validInput2 = ValidationPattern.getValidInput("Cookie value: " + cookie.getValue(), cookie.getValue(), "HTTPCookieValue", 1000, true);
                int maxAge = cookie.getMaxAge();
                String domain = cookie.getDomain();
                String path = cookie.getPath();
                Cookie cookie2 = new Cookie(validInput, validInput2);
                cookie2.setMaxAge(maxAge);
                if (domain != null) {
                    cookie2.setDomain(ValidationPattern.getValidInput("Cookie domain: " + domain, domain, "HTTPHeaderValue", 200, false));
                }
                if (path != null) {
                    cookie2.setPath(ValidationPattern.getValidInput("Cookie path: " + path, path, "HTTPHeaderValue", 200, false));
                }
                arrayList.add(cookie2);
            } catch (ValidationException e) {
                logger.warn("Skipping bad cookie: {}={}", new Object[]{cookie.getName(), cookie.getValue(), e});
            }
        }
        return (Cookie[]) arrayList.toArray(new Cookie[arrayList.size()]);
    }

    public String getHeader(String str) {
        String header = super.getHeader(str);
        String str2 = "";
        try {
            str2 = ValidationPattern.getValidInput("HTTP header value: " + header, header, "HTTPHeaderValue", 150, true);
        } catch (ValidationException e) {
            logger.warn("Skipping bad Header", e);
        }
        return str2;
    }

    public Enumeration getHeaderNames() {
        Vector vector = new Vector();
        Enumeration headerNames = super.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            try {
                String str = (String) headerNames.nextElement();
                vector.add(ValidationPattern.getValidInput("HTTP header name: " + str, str, "HTTPHeaderName", 150, true));
            } catch (ValidationException e) {
                logger.warn("Skipping bad HeaderNames.i", e);
            }
        }
        return vector.elements();
    }

    public Enumeration getHeaders(String str) {
        Vector vector = new Vector();
        Enumeration headers = super.getHeaders(str);
        while (headers.hasMoreElements()) {
            try {
                String str2 = (String) headers.nextElement();
                vector.add(HTMLEscapeUtil.escape(ValidationPattern.getValidInput("HTTP header value (" + str + "): " + str2, str2, "HTTPHeaderValue", 500, true)));
            } catch (ValidationException e) {
                logger.warn("Skipping bad Headers.i", e);
            }
        }
        return vector.elements();
    }

    public String getParameter(String str) {
        String str2 = null;
        try {
            str2 = ValidationPattern.stripXSS(ValidationPattern.getValidInput("HTTP parameter name: " + str, super.getParameter(str), "HTTPParameterValue", this.paramValueSize, true));
        } catch (ValidationException e) {
            logger.warn("Skipping bad parameter", e);
        }
        return str2;
    }

    public Map getParameterMap() {
        Map parameterMap = super.getParameterMap();
        HashMap hashMap = new HashMap();
        for (Map.Entry entry : parameterMap.entrySet()) {
            try {
                String str = (String) entry.getKey();
                String validInput = ValidationPattern.getValidInput("HTTP parameter name: " + str, str, "HTTPParameterName", this.paramNameSize, true);
                String[] strArr = (String[]) entry.getValue();
                String[] strArr2 = new String[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    strArr2[i] = ValidationPattern.stripXSS(ValidationPattern.getValidInput("HTTP parameter value: " + strArr[i], strArr[i], "HTTPParameterValue", this.paramValueSize, true));
                }
                hashMap.put(validInput, strArr2);
            } catch (ValidationException e) {
                logger.warn("Skipping bad ParameterMap.i", e);
            }
        }
        return hashMap;
    }

    public Enumeration getParameterNames() {
        Vector vector = new Vector();
        Enumeration parameterNames = super.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            try {
                String str = (String) parameterNames.nextElement();
                vector.add(ValidationPattern.getValidInput("HTTP parameter name: " + str, str, "HTTPParameterName", this.paramNameSize, true));
            } catch (ValidationException e) {
                logger.warn("Skipping bad ParameterNames.i", e);
            }
        }
        return vector.elements();
    }

    public String[] getParameterValues(String str) {
        if (ArrayUtils.contains(this.excludeFields, str)) {
            return super.getParameterValues(str);
        }
        String[] parameterValues = super.getParameterValues(str);
        if (parameterValues == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : parameterValues) {
            try {
                arrayList.add(ValidationPattern.stripXSS(ValidationPattern.getValidInput("HTTP parameter value: " + str2, str2, "HTTPParameterValue", this.paramValueSize, true)));
            } catch (ValidationException e) {
                logger.warn("Skipping bad ParameterValues.i", e);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public String getPathInfo() {
        String pathInfo = super.getPathInfo();
        if (pathInfo == null) {
            return null;
        }
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP path: " + pathInfo, pathInfo, "HTTPPath", 150, true);
        } catch (ValidationException e) {
            logger.warn("Skipping bad PathInfo", e);
        }
        return str;
    }

    public String getQueryString() {
        String queryString = super.getQueryString();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP query string: " + queryString, queryString, "HTTPQueryString", 2000, true);
        } catch (ValidationException e) {
            logger.warn("Skipping bad QueryString", e);
        }
        return str;
    }

    public String getRequestedSessionId() {
        String requestedSessionId = super.getRequestedSessionId();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("Requested cookie: " + requestedSessionId, requestedSessionId, "HTTPJSESSIONID", 128, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad RequestedSessionId", e);
        }
        return str;
    }

    public String getRequestURI() {
        String requestURI = super.getRequestURI();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP URI: " + requestURI, requestURI, "HTTPURI", 2000, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad RequestURI", e);
        }
        return str;
    }

    public StringBuffer getRequestURL() {
        String stringBuffer = super.getRequestURL().toString();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP URL: " + stringBuffer, stringBuffer, "HTTPURL", 2000, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad RequestURL", e);
        }
        return new StringBuffer(str);
    }

    public String getScheme() {
        String scheme = super.getScheme();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP scheme: " + scheme, scheme, "HTTPScheme", 10, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad Scheme", e);
        }
        return str;
    }

    public String getServerName() {
        String serverName = super.getServerName();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP server name: " + serverName, serverName, "HTTPServerName", 100, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad ServerName", e);
        }
        return str;
    }

    public int getServerPort() {
        int serverPort = super.getServerPort();
        if (serverPort < 0 || serverPort > 65535) {
            logger.warn("HTTP server port out of range: " + serverPort);
            serverPort = 0;
        }
        return serverPort;
    }

    public String getServletPath() {
        String servletPath = super.getServletPath();
        String str = "";
        try {
            str = ValidationPattern.getValidInput("HTTP servlet path: " + servletPath, servletPath, "HTTPServletPath", 200, false);
        } catch (ValidationException e) {
            logger.warn("Skipping bad ServletPath", e);
        }
        return str;
    }
}
