package com.yqbsoft.laser.service.resources.util;

import java.util.regex.Pattern;

/* loaded from: input_file:com/yqbsoft/laser/service/resources/util/HtmlUtils.class */
public class HtmlUtils {
    public static String stripXssAndSql(String str) {
        if (str != null) {
            str = Pattern.compile("onload(.*?)=", 42).matcher(Pattern.compile("vbscript[\r\n| | ]*:[\r\n| | ]*", 2).matcher(Pattern.compile("alert\\((.*?)\\)", 42).matcher(Pattern.compile("javascript[\r\n| | ]*:[\r\n| | ]*", 2).matcher(Pattern.compile("e-xpression\\((.*?)\\)", 42).matcher(Pattern.compile("eval\\((.*?)\\)", 42).matcher(Pattern.compile("<[\r\n| | ]*script(.*?)>", 42).matcher(Pattern.compile("</[\r\n| | ]*script[\r\n| | ]*>", 2).matcher(Pattern.compile("<[\r\n| | ]*script[\r\n| | ]*>(.*?)</[\r\n| | ]*script[\r\n| | ]*>", 2).matcher(str).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("");
        }
        return str;
    }

    private static String xssEncode(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        String stripXssAndSql = stripXssAndSql(str);
        StringBuilder sb = new StringBuilder(stripXssAndSql.length() + 16);
        for (int i = 0; i < stripXssAndSql.length(); i++) {
            char charAt = stripXssAndSql.charAt(i);
            switch (charAt) {
                case '\"':
                    sb.append("＂");
                    break;
                case '#':
                    sb.append("＃");
                    break;
                case '&':
                    sb.append("＆");
                    break;
                case '\'':
                    sb.append("＇");
                    break;
                case '<':
                    sb.append("＜");
                    break;
                case '>':
                    sb.append("＞");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }
}
