package com.apusic.util.filters;

import com.apusic.logging.Logger;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/apusic/util/filters/AntiXssFilter.class */
public class AntiXssFilter implements Filter {
    private static String CHECK_REFER = "checkRefer";
    private static String REDIRECT_PAGE = "redirectPage";
    private static String SERVERNAME_WHITELIST = "serverNameWhiteList";
    private String checkRefer = "false";
    private String redirectPage = null;
    private String serverNameWhiteList = "";
    private Logger log = Logger.getLogger(AntiXssFilter.class.getName());

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (!"true".equalsIgnoreCase(this.checkRefer) || isRefererOK(servletRequest, httpServletRequest.getHeader("Referer"))) {
            if (httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()).lastIndexOf("/") <= 0) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            } else {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
        }
        this.log.warning("盗链来自：" + servletRequest.getRemoteAddr());
        if (this.redirectPage == null || this.redirectPage.length() <= 0) {
            servletRequest.getRequestDispatcher("refererError.jsp").forward(servletRequest, servletResponse);
        } else {
            servletRequest.getRequestDispatcher(this.redirectPage).forward(servletRequest, servletResponse);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.log.info("AntiXssFilter started!");
        this.checkRefer = filterConfig.getInitParameter(CHECK_REFER);
        this.redirectPage = filterConfig.getInitParameter(REDIRECT_PAGE);
        this.serverNameWhiteList = filterConfig.getInitParameter(SERVERNAME_WHITELIST);
    }

    private boolean isRefererOK(ServletRequest servletRequest, String str) {
        if (str == null || str.length() <= 0 || str.contains(servletRequest.getServerName())) {
            return true;
        }
        if (this.serverNameWhiteList == null || this.serverNameWhiteList.length() <= 0) {
            return false;
        }
        for (String str2 : this.serverNameWhiteList.split(";")) {
            if (str.indexOf(str2) >= 0) {
                return true;
            }
        }
        return false;
    }
}
