package cn.stylefeng.roses.kernel.security.xss;

import cn.hutool.core.util.ObjectUtil;
import cn.stylefeng.roses.kernel.security.xss.prop.XssProperties;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:cn/stylefeng/roses/kernel/security/xss/XssFilter.class */
public class XssFilter implements Filter {
    public static final String FILTER_NAME = "GUNS_XSS_FILTER";
    private final XssProperties xssProperties;

    public XssFilter(XssProperties xssProperties) {
        this.xssProperties = xssProperties;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String servletPath = httpServletRequest.getServletPath();
        String contextPath = httpServletRequest.getContextPath();
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        if (this.xssProperties != null && ObjectUtil.isNotEmpty(this.xssProperties.getUrlExclusion())) {
            Iterator<String> it = this.xssProperties.getUrlExclusion().iterator();
            while (it.hasNext()) {
                if (antPathMatcher.match(contextPath + it.next(), servletPath)) {
                    filterChain.doFilter(servletRequest, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) servletRequest), servletResponse);
    }
}
