package com.finstone.titan.security.web.filter;

import com.fins.modules.utils.JsonUtilsEx;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.web.util.HtmlUtils;

/* compiled from: XSSFilter.java */
/* loaded from: input_file:com/finstone/titan/security/web/filter/XssHttpServletRequestWrapper.class */
class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    private static String[] NOFILER_PARAM_NAMES = {"reportXML"};
    HttpServletRequest orgRequest;

    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.orgRequest = null;
        this.orgRequest = httpServletRequest;
    }

    public String getParameter(String str) {
        String parameter = super.getParameter(str);
        if (parameter != null) {
            if (ArrayUtils.indexOf(NOFILER_PARAM_NAMES, str) != -1) {
                return parameter;
            }
            parameter = xssEncode(parameter);
        }
        return parameter;
    }

    private static String xssEncode(String str) {
        if (str == null || "".equals(str)) {
            return str;
        }
        Map<String, Object> fromJson = JsonUtilsEx.fromJson(str, true);
        return fromJson == null ? HtmlUtils.htmlEscape(str).replaceAll("\r\n", "<br/>") : JsonUtilsEx.toJson(fromJson);
    }

    public HttpServletRequest getOrgRequest() {
        return this.orgRequest;
    }

    public static HttpServletRequest getOrgRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest instanceof XssHttpServletRequestWrapper ? ((XssHttpServletRequestWrapper) httpServletRequest).getOrgRequest() : httpServletRequest;
    }
}
