package top.doudou.common.tool.web.filter.xxs;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import top.doudou.base.exception.XssException;
import top.doudou.base.util.StrUtils;
import top.doudou.common.tool.utils.ValidateUtil;

/* loaded from: input_file:top/doudou/common/tool/web/filter/xxs/XssHttpServletRequestWrapper.class */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    boolean isUpData;

    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.isUpData = false;
        String contentType = httpServletRequest.getContentType();
        if (null != contentType) {
            this.isUpData = contentType.startsWith("multipart");
        }
    }

    public String[] getParameterValues(String str) {
        String[] parameterValues = super.getParameterValues(str);
        if (parameterValues == null) {
            return null;
        }
        int length = parameterValues.length;
        String[] strArr = new String[length];
        for (int i = 0; i < length; i++) {
            if (ValidateUtil.isContainsDefaultXSSForbiddenCharacter(parameterValues[i])) {
                throw new XssException("Contains illegal characters[From getParameterValues method]:" + parameterValues[i]);
            }
            strArr[i] = StrUtils.cleanXSS(parameterValues[i]);
        }
        return strArr;
    }

    public String getParameter(String str) {
        String parameter = super.getParameter(str);
        if (ValidateUtil.isContainsDefaultXSSForbiddenCharacter(parameter)) {
            throw new XssException("Contains illegal characters[From getParameter method]：" + parameter);
        }
        if (parameter == null) {
            return null;
        }
        return StrUtils.cleanXSS(parameter);
    }

    public Object getAttribute(String str) {
        Object attribute = super.getAttribute(str);
        if (null != attribute && (attribute instanceof String)) {
            if (ValidateUtil.isContainsDefaultXSSForbiddenCharacter(String.valueOf(attribute))) {
                throw new XssException("From getAttribute->参数包含非法字符：{}", new Object[]{String.valueOf(attribute)});
            }
            attribute = StrUtils.cleanXSS((String) attribute);
        }
        return attribute;
    }

    public String getHeader(String str) {
        String header = super.getHeader(str);
        if (header == null) {
            return null;
        }
        return StrUtils.cleanXSS(header);
    }

    public ServletInputStream getInputStream() throws IOException {
        if (this.isUpData) {
            return super.getInputStream();
        }
        final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(inputHandlers(super.getInputStream()).getBytes("utf-8"));
        return new ServletInputStream() { // from class: top.doudou.common.tool.web.filter.xxs.XssHttpServletRequestWrapper.1
            public boolean isFinished() {
                return false;
            }

            public boolean isReady() {
                return false;
            }

            public void setReadListener(ReadListener readListener) {
            }

            public int read() throws IOException {
                return byteArrayInputStream.read();
            }
        };
    }

    public String inputHandlers(ServletInputStream servletInputStream) {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            try {
                bufferedReader = new BufferedReader(new InputStreamReader((InputStream) servletInputStream, Charset.forName("UTF-8")));
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                }
                if (servletInputStream != null) {
                    try {
                        servletInputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            } catch (IOException e3) {
                e3.printStackTrace();
                if (servletInputStream != null) {
                    try {
                        servletInputStream.close();
                    } catch (IOException e4) {
                        e4.printStackTrace();
                    }
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e5) {
                        e5.printStackTrace();
                    }
                }
            }
            if (ValidateUtil.isContainsDefaultXSSForbiddenCharacter(sb.toString())) {
                throw new XssException("Contains illegal characters[From getInputStream method]：" + sb.toString());
            }
            return StrUtils.cleanXSS(sb.toString());
        } catch (Throwable th) {
            if (servletInputStream != null) {
                try {
                    servletInputStream.close();
                } catch (IOException e6) {
                    e6.printStackTrace();
                }
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e7) {
                    e7.printStackTrace();
                }
            }
            throw th;
        }
    }
}
