package com.apusic.util.filters;

import com.apusic.web.http.util.Constants;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/apusic/util/filters/AttackFilter2.class */
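/**
 * Servlet filter that applies three independent request checks, in this order:
 * <ol>
 *   <li>client-address allow/deny lists per context path ({@code allowHosts}, {@code denyHosts});</li>
 *   <li>a Referer-based cross-site request check ({@code enableCSRFCheck});</li>
 *   <li>a keyword scan of the request URI and parameters ({@code enableAttackFilter}).</li>
 * </ol>
 * A request that fails any check is answered with HTTP 403 and is not passed down the chain.
 *
 * <p>The keyword scan is a deny-list over a small fixed vocabulary and a fixed set of HTML
 * character references; it is a defence-in-depth layer and does not replace output encoding
 * in the application. Likewise the Referer check is weaker than a per-session CSRF token:
 * requests without a Referer are accepted unless {@code enableCSRFCheck_POST} is set and the
 * method is POST.
 */
public class AttackFilter2 implements Filter {
    /** Map key used for the root context (empty, {@code null} or "/" context path). */
    private static final String ALL_ROOT = "allRoot";

    private boolean enableCSRFCheck;
    private boolean enableCSRFCheck_Post;
    private boolean enableCSRFCheck_URL;

    // NOTE(review): static and written from init(), so the last filter instance initialised with
    // a serverNameWhiteList parameter decides the list for every instance loaded by the same
    // class loader. Left static to keep existing behaviour; confirm whether that sharing is intended.
    private static String[] SERVERNAME_WHITELIST;

    // The three arrays are parallel: index i of HTMLASC_X / HTMLASC decodes to HTMLCHARS[i].
    private static final String[] HTMLASC_X = {"&#x28;", "&#x29;", "&#x6a;", "&#x61;", "&#x76;", "&#x61;", "&#x73;", "&#x63;", "&#x72;", "&#x69;", "&#x70;", "&#x74;", "&#x3a;"};
    private static final String[] HTMLASC = {"&#40;", "&#41;", "&#106;", "&#97;", "&#118;", "&#97;", "&#115;", "&#99;", "&#114;", "&#105;", "&#112;", "&#116;", "&#58;"};
    private static final String[] HTMLCHARS = {"(", ")", "j", "a", "v", "a", "s", "c", "r", "i", "p", "t", ":"};

    private boolean enabled = false;
    private List<String> URL_AllowsList = null;
    // NOTE(review): populated from allow_XSSURLS in init() but never read anywhere in this class.
    private List<String> URL_XSSAllowsList = null;
    private Map<String, Pattern[]> allowMap = new HashMap<String, Pattern[]>();
    private Map<String, Pattern[]> denyMap = new HashMap<String, Pattern[]>();
    private List<String> scriptList = new ArrayList<String>();
    private List<String> methodList = new ArrayList<String>();
    private List<String> keywordsList = new ArrayList<String>();

    /**
     * Runs the address, CSRF and keyword checks and either rejects the request with 403 or
     * forwards it to the rest of the chain.
     *
     * @throws ClassCastException if the request is not an {@link HttpServletRequest}
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!checkAccess((HttpServletRequest) servletRequest)) {
            reject(servletResponse);
            return;
        }
        if (this.enableCSRFCheck && !checkCSRF(servletRequest)) {
            reject(servletResponse);
            return;
        }
        if (this.enabled && hasAttack(servletRequest)) {
            reject(servletResponse);
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Sends HTTP 403; the response is only cast on this path, as in the original flow. */
    private static void reject(ServletResponse servletResponse) throws IOException {
        ((HttpServletResponse) servletResponse).sendError(HttpServletResponse.SC_FORBIDDEN);
    }

    /**
     * Address check: the peer address must match the allow list (if one exists for the context)
     * and must not match the deny list.
     *
     * <p>The address is taken from {@code getRemoteAddr()}; NOTE(review): behind a reverse proxy
     * this is presumably the proxy's address, which would make both lists ineffective — confirm
     * against the deployment.
     */
    private boolean checkAccess(HttpServletRequest httpServletRequest) {
        String remoteAddr = httpServletRequest.getRemoteAddr();
        String contextPath = httpServletRequest.getContextPath();
        return isAllowHost(remoteAddr, contextPath) && !isDenyHost(remoteAddr, contextPath);
    }

    /** Scans the request URI and the parameter map of the given request. */
    private boolean hasAttack(ServletRequest servletRequest) {
        return hasAttack(((HttpServletRequest) servletRequest).getRequestURI(), servletRequest.getParameterMap());
    }

    /**
     * Referer-based cross-site request check.
     *
     * <p>Decision order:
     * <ol>
     *   <li>pass if the Referer contains, or the peer address starts with, a whitelist entry;</li>
     *   <li>pass if {@code enableCSRFCheck_URL} is set and the request URI is in {@code allow_URLS};</li>
     *   <li>with no Referer: fail only when {@code enableCSRFCheck_POST} is set and the method is
     *       POST, otherwise pass;</li>
     *   <li>otherwise pass only if the host of the Referer equals the request's server name.</li>
     * </ol>
     *
     * <p>Step 4 compares the parsed host instead of searching the whole Referer for the server
     * name: a substring search is also satisfied when the name merely appears in the path or
     * query of an unrelated URL, or as part of a longer host name.
     *
     * @return {@code true} if the request may proceed
     */
    private boolean checkCSRF(ServletRequest servletRequest) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String referer = httpServletRequest.getHeader("Referer");
        String remoteAddr = httpServletRequest.getRemoteAddr();

        String[] whitelist = SERVERNAME_WHITELIST;
        if (whitelist != null) {
            for (String entry : whitelist) {
                // An empty entry is contained in every string and would switch the check off.
                if (entry == null || entry.length() == 0) {
                    continue;
                }
                // NOTE(review): the Referer match is a substring match anywhere in the header and
                // the address match is a plain string prefix ("10.1" also covers "10.100.…").
                // The expected entry format is not visible here, so the matching is unchanged.
                if ((referer != null && referer.indexOf(entry) >= 0)
                        || (remoteAddr != null && remoteAddr.startsWith(entry))) {
                    return true;
                }
            }
        }

        if (this.enableCSRFCheck_URL && isAllowURL(this.URL_AllowsList, httpServletRequest.getRequestURI())) {
            return true;
        }

        if (referer == null || referer.length() <= 0) {
            // Constants.POST is presumably the method name "POST" — defined outside this file.
            boolean rejectBarePost = this.enableCSRFCheck_Post
                    && httpServletRequest.getMethod().equals(Constants.POST);
            return !rejectBarePost;
        }
        return refererHostEquals(referer, servletRequest.getServerName());
    }

    /**
     * Tells whether the host component of {@code referer} is {@code serverName}
     * (case-insensitive, IPv6 brackets ignored). A Referer that cannot be parsed as an absolute
     * URL is treated as a mismatch, so the check fails closed.
     */
    private static boolean refererHostEquals(String referer, String serverName) {
        if (serverName == null || serverName.length() == 0) {
            return false;
        }
        String host;
        try {
            // java.net.URL only parses here; the constructor performs no network access.
            host = new URL(referer).getHost();
        } catch (MalformedURLException malformed) {
            return false;
        }
        if (host == null || host.length() == 0) {
            return false;
        }
        return stripBrackets(host).equalsIgnoreCase(stripBrackets(serverName));
    }

    /** Removes the surrounding {@code [ ]} of an IPv6 literal, if present. */
    private static String stripBrackets(String host) {
        if (host.length() > 1 && host.charAt(0) == '[' && host.charAt(host.length() - 1) == ']') {
            return host.substring(1, host.length() - 1);
        }
        return host;
    }

    /**
     * Scans a request URI and its parameters for the configured vocabulary.
     *
     * <p>URI, parameter names and parameter values are lower-cased with {@link Locale#ROOT}
     * before matching. The URI was previously matched without lower-casing, so the scan was
     * case-sensitive for the URI only, and the default-locale lower-casing used for parameters
     * can map letters differently under some locales.
     *
     * @param str request URI
     * @param map parameter map; {@code null} map, value arrays and values are skipped
     * @return {@code true} if the request should be rejected
     */
    protected boolean hasAttack(String str, Map<String, String[]> map) {
        // NOTE(review): a URI found in allow_URLS is reported as an attack here, while the same
        // list exempts a URI from the CSRF check, and URL_XSSAllowsList is never consulted.
        // This looks inverted, but the intent cannot be confirmed from this file; behaviour is
        // kept because the alternative would relax the filter.
        if (isAllowURL(this.URL_AllowsList, str) || testAttack(canonicalize(str))) {
            return true;
        }
        if (map == null) {
            return false;
        }
        for (Map.Entry<String, String[]> parameter : map.entrySet()) {
            if (testAttack(canonicalize(parameter.getKey()))) {
                return true;
            }
            String[] values = parameter.getValue();
            if (values == null) {
                continue;
            }
            for (String value : values) {
                if (value != null && testAttack(canonicalize(value))) {
                    return true;
                }
            }
        }
        return false;
    }

    /** Lower-cases (locale-independent) and then decodes the known character references. */
    private static String canonicalize(String raw) {
        return htmlNotationtoChar(raw.toLowerCase(Locale.ROOT));
    }

    /** Matches one already-canonicalised string against the tag, call and keyword lists. */
    private boolean testAttack(String str) {
        for (String tag : this.scriptList) {
            if (testScript(str, tag)) {
                return true;
            }
        }
        for (String method : this.methodList) {
            if (testMethod(str, method)) {
                return true;
            }
        }
        for (String keyword : this.keywordsList) {
            if (testKeywords(str, keyword)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Parses "true"/"false" (any case, surrounding whitespace ignored).
     *
     * @return the parsed value, or {@code z} for {@code null}, blank or unrecognised input
     */
    private static boolean parseBoolean(String str, boolean z) {
        if (str == null) {
            return z;
        }
        String trimmed = str.trim();
        if ("true".equalsIgnoreCase(trimmed)) {
            return true;
        }
        if ("false".equalsIgnoreCase(trimmed)) {
            return false;
        }
        return z;
    }

    /**
     * Splits a comma-separated init parameter into trimmed, non-empty entries.
     *
     * <p>Empty entries are dropped on purpose: an empty URL, whitelist or keyword entry matches
     * every input in the string tests of this class, and an empty call name makes
     * {@link #testMethod} unable to advance.
     *
     * @param csv       raw parameter value, may be {@code null}
     * @param lowerCase whether to lower-case entries (the scanned input is always lower-cased)
     */
    private static List<String> splitList(String csv, boolean lowerCase) {
        List<String> entries = new ArrayList<String>();
        if (csv == null) {
            return entries;
        }
        for (String part : csv.split(",")) {
            String entry = part.trim();
            if (entry.length() == 0) {
                continue;
            }
            entries.add(lowerCase ? entry.toLowerCase(Locale.ROOT) : entry);
        }
        return entries;
    }

    /**
     * Compiles one {@code allowHosts} / {@code denyHosts} value into {@code target}.
     *
     * <p>Format: {@code [contextPath:]glob[,glob…]}. In each glob {@code .} is literal and
     * {@code *} matches any run of characters; other regex metacharacters are passed through
     * unescaped. Everything before the first colon is taken as the context path, so a glob that
     * itself contains a colon (an IPv6 literal, for instance) is split at that colon.
     * Entries are trimmed: an entry with a stray leading space would otherwise compile into a
     * pattern that never matches, which silently disables a deny entry.
     */
    private static void registerHostPatterns(String spec, Map<String, Pattern[]> target) {
        if (spec == null || spec.length() <= 0) {
            return;
        }
        String context = null;
        int colon = spec.indexOf(":");
        if (colon > 0) {
            context = spec.substring(0, colon).trim();
            spec = spec.substring(colon + 1);
        }
        List<String> globs = splitList(spec, false);
        Pattern[] patterns = new Pattern[globs.size()];
        for (int i = 0; i < patterns.length; i++) {
            patterns[i] = Pattern.compile(globs.get(i).replaceAll("\\.", "\\\\.").replaceAll("\\*", ".\\*"));
        }
        target.put((context == null || context.equals("")) ? ALL_ROOT : context, patterns);
    }

    /**
     * Reads the filter configuration.
     *
     * <p>Init parameters: {@code enableAttackFilter}, {@code enableCSRFCheck},
     * {@code enableCSRFCheck_POST}, {@code enableCSRFCheck_URL} (booleans, default false);
     * {@code allowHosts}, {@code denyHosts} (see {@link #registerHostPatterns});
     * {@code filterKW1} (extra call names), {@code filterKW2} (keywords),
     * {@code serverNameWhiteList}, {@code allow_URLS}, {@code allow_XSSURLS} (comma-separated).
     * "script" and "javascript" are always scanned as tags, "alert" and "eval" as calls.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.enabled = parseBoolean(filterConfig.getInitParameter("enableAttackFilter"), false);
        this.enableCSRFCheck = parseBoolean(filterConfig.getInitParameter("enableCSRFCheck"), false);
        this.enableCSRFCheck_Post = parseBoolean(filterConfig.getInitParameter("enableCSRFCheck_POST"), false);
        this.enableCSRFCheck_URL = parseBoolean(filterConfig.getInitParameter("enableCSRFCheck_URL"), false);

        this.URL_AllowsList = splitList(filterConfig.getInitParameter("allow_URLS"), false);
        this.URL_XSSAllowsList = splitList(filterConfig.getInitParameter("allow_XSSURLS"), false);

        // Vocabulary is lower-cased because every scanned string is lower-cased first.
        this.methodList.addAll(splitList(filterConfig.getInitParameter("filterKW1"), true));
        this.keywordsList.addAll(splitList(filterConfig.getInitParameter("filterKW2"), true));
        this.scriptList.add("script");
        this.scriptList.add("javascript");
        if (!this.methodList.contains("alert")) {
            this.methodList.add("alert");
        }
        if (!this.methodList.contains("eval")) {
            this.methodList.add("eval");
        }

        String whitelistParam = filterConfig.getInitParameter("serverNameWhiteList");
        if (whitelistParam != null && !whitelistParam.trim().equals("")) {
            List<String> entries = splitList(whitelistParam, false);
            SERVERNAME_WHITELIST = entries.toArray(new String[entries.size()]);
        }

        registerHostPatterns(filterConfig.getInitParameter("allowHosts"), this.allowMap);
        registerHostPatterns(filterConfig.getInitParameter("denyHosts"), this.denyMap);
    }

    /**
     * Allow-list test for a client address.
     *
     * <p>The lookup is by exact context path; {@link #ALL_ROOT} stands for the root context only
     * and is not a fallback for other contexts.
     *
     * @param str  client address
     * @param str2 context path; {@code null}, empty or "/" selects the root entry
     * @return {@code true} if no allow list exists for the context or the address fully matches
     *         one of its patterns
     */
    public boolean isAllowHost(String str, String str2) {
        Pattern[] patterns = this.allowMap.get(contextKey(str2));
        // No list configured for this context means "allow everyone".
        return patterns == null || matchesAny(patterns, str);
    }

    /**
     * Deny-list test for a client address.
     *
     * @param str  client address
     * @param str2 context path; {@code null}, empty or "/" selects the root entry
     * @return {@code true} if a deny list exists for the context and the address fully matches
     *         one of its patterns
     */
    public boolean isDenyHost(String str, String str2) {
        Pattern[] patterns = this.denyMap.get(contextKey(str2));
        return patterns != null && matchesAny(patterns, str);
    }

    /** Maps a context path to its key in {@link #allowMap} / {@link #denyMap}. */
    private static String contextKey(String contextPath) {
        if (contextPath == null || contextPath.length() == 0 || contextPath.equals("/")) {
            return ALL_ROOT;
        }
        return contextPath;
    }

    /** Full-match ({@code Matcher.matches}) of {@code candidate} against any pattern. */
    private static boolean matchesAny(Pattern[] patterns, String candidate) {
        for (Pattern pattern : patterns) {
            if (pattern.matcher(candidate).matches()) {
                return true;
            }
        }
        return false;
    }

    /**
     * URL list test: an entry starting with "/" is a prefix of the URI; any other entry is a
     * suffix, with one optional leading "*" removed (so a lone "*" matches every URI).
     *
     * <p>Callers in this class pass the raw {@code getRequestURI()} value, which the container
     * has not decoded or normalised. NOTE(review): consider matching on the servlet path so
     * that equivalent spellings of a path are treated alike.
     */
    private boolean isAllowURL(List<String> list, String str) {
        if (list == null || list.isEmpty()) {
            return false;
        }
        for (String entry : list) {
            if (entry.startsWith("/")) {
                if (str.startsWith(entry)) {
                    return true;
                }
                continue;
            }
            String suffix = entry.startsWith("*") ? entry.substring(1) : entry;
            if (str.endsWith(suffix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Replaces NUL characters with a space and decodes the character references listed in
     * {@code HTMLASC_X} (hex) and {@code HTMLASC} (decimal).
     *
     * <p>Only those exact spellings are decoded, in a single pass each; any other encoding of
     * the same characters is returned unchanged.
     */
    public static String htmlNotationtoChar(String str) {
        String decoded = str.replace((char) 0, ' ');
        decoded = decodeReferences(decoded, HTMLASC_X);
        decoded = decodeReferences(decoded, HTMLASC);
        return decoded;
    }

    /** Applies one reference table, skipping the work when no "&#" is present. */
    private static String decodeReferences(String text, String[] references) {
        if (text.indexOf("&#") < 0) {
            return text;
        }
        for (int i = 0; i < references.length; i++) {
            text = text.replace(references[i], HTMLCHARS[i]);
        }
        return text;
    }

    /** Releases the compiled host patterns. */
    public void destroy() {
        this.denyMap.clear();
        this.allowMap.clear();
    }

    /**
     * Advances past space characters starting at {@code from}.
     *
     * <p>Uses {@link Character#isSpaceChar(char)}, which does not classify tab or line feed as
     * space. NOTE(review): {@code Character.isWhitespace} may have been intended.
     *
     * @return index of the first non-space character, or {@code s.length()}
     */
    private static int skipSpaceChars(String s, int from) {
        int pos = from;
        while (pos < s.length() && Character.isSpaceChar(s.charAt(pos))) {
            pos++;
        }
        return pos;
    }

    /**
     * Detects an attribute-less element pair {@code <tag>…</tag>}: the first {@code <tag} and a
     * later {@code </tag} must each be followed, after optional spaces, by {@code >}.
     *
     * <p>The two scanning loops previously had no exit on a non-space character and could not
     * terminate once both markers were present; each scan now stops at the first non-space
     * character.
     *
     * @param str  text to scan (already lower-cased by the callers in this class)
     * @param str2 tag name
     */
    public static boolean testScript(String str, String str2) {
        String open = "<" + str2;
        String close = "</" + str2;
        int length = str.length();
        int openAt = str.indexOf(open);
        if (openAt < 0 || str.indexOf(close) < 0) {
            return false;
        }

        int afterOpen = skipSpaceChars(str, openAt + open.length());
        if (afterOpen >= length || str.charAt(afterOpen) != '>') {
            return false;
        }
        // Not enough room left for "</tag" plus its closing '>'.
        if (length < afterOpen + close.length() + 1) {
            return false;
        }
        int closeAt = str.indexOf(close, afterOpen);
        if (closeAt < 0) {
            return false;
        }

        int afterClose = skipSpaceChars(str, closeAt + close.length());
        return afterClose < length && str.charAt(afterClose) == '>';
    }

    /**
     * Detects a call-like occurrence of {@code str2}: the name at the very start of the text or
     * preceded by a space, followed after optional spaces by {@code (} with a {@code )}
     * somewhere later.
     *
     * <p>Fixes two non-terminating cases: the inner scan had no exit on a non-space character,
     * and an empty name never advanced the search position.
     *
     * @param str  text to scan (already lower-cased by the callers in this class)
     * @param str2 call name; an empty name never matches
     */
    public static boolean testMethod(String str, String str2) {
        if (str2.length() == 0) {
            return false;
        }
        int length = str.length();
        String spaced = " " + str2;
        int firstSpaced = str.indexOf(spaced);
        boolean atStart = str.startsWith(str2);
        if (firstSpaced < 0 && !atStart) {
            return false;
        }

        boolean found = false;
        int from = atStart ? 0 : firstSpaced;
        while (!found && from < length) {
            // Position 0 searches for the bare name, later positions for " name".
            boolean bare = from == 0;
            int hit = str.indexOf(bare ? str2 : spaced, from);
            if (hit < 0) {
                break;
            }
            int pos = skipSpaceChars(str, hit + str2.length() + (bare ? 0 : 1));
            found = pos < length && str.charAt(pos) == '(' && str.indexOf(')', pos) > 0;
            from = pos;
        }
        return found;
    }

    /**
     * Detects {@code str2} as a space-delimited word: at the start followed by a space, between
     * two spaces, or at the end preceded by a space. Text equal to the keyword alone does not
     * match.
     *
     * @param str  text to scan (already lower-cased by the callers in this class)
     * @param str2 keyword; an empty keyword never matches
     */
    public static boolean testKeywords(String str, String str2) {
        if (str2.length() == 0) {
            // An empty keyword would otherwise match any text that merely contains a space
            // in one of the three positions below.
            return false;
        }
        return str.startsWith(str2 + " ")
                || str.indexOf(" " + str2 + " ") > -1
                || str.endsWith(" " + str2);
    }
}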
