package com.cfwx.rox.web.common.filter;

import com.cfwx.rox.web.common.ConfigProperties;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.cxf.jaxrs.ext.search.FiqlParser;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:WEB-INF/lib/WebCommon-1.0-RELEASE.jar:com/cfwx/rox/web/common/filter/UrlPattenInterceptor.class */
public class UrlPattenInterceptor extends HandlerInterceptorAdapter {
    public HttpServletRequest request;
    public HttpServletResponse response;
    protected static Logger logger = LoggerFactory.getLogger(UrlPattenInterceptor.class);
    public static List<String> illegalUrlSymbols = new ArrayList();
    public static List<String> illegalParameterSymbols = new ArrayList();

    private static void init() {
        for (String str : ConfigProperties.getStringValue("illegalUrlSymbols").split(FiqlParser.AND)) {
            illegalUrlSymbols.add(str);
        }
        for (String str2 : ConfigProperties.getStringValue("illegalParameterSymbols").split(FiqlParser.AND)) {
            illegalParameterSymbols.add(str2);
        }
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        Iterator<String> it = illegalUrlSymbols.iterator();
        while (it.hasNext()) {
            if (requestURI.contains(it.next())) {
                if (!"XMLHttpRequest".equals(httpServletRequest.getHeader("X-Requested-With"))) {
                    httpServletResponse.sendRedirect(contextPath + "/home/error");
                    return false;
                }
                httpServletResponse.addHeader("sessionstatus", AsmRelationshipUtils.DECLARE_ERROR);
                httpServletResponse.addHeader("loginPath", "/home/error");
                return false;
            }
        }
        Iterator<Map.Entry<String, String[]>> it2 = httpServletRequest.getParameterMap().entrySet().iterator();
        while (it2.hasNext()) {
            String[] value = it2.next().getValue();
            if (value != null) {
                String str = "";
                for (String str2 : value) {
                    str = str + str2;
                }
                if ("".equals(str)) {
                    continue;
                } else {
                    Iterator<String> it3 = illegalParameterSymbols.iterator();
                    while (it3.hasNext()) {
                        if (str.contains(it3.next())) {
                            if (!"XMLHttpRequest".equals(httpServletRequest.getHeader("X-Requested-With"))) {
                                httpServletResponse.sendRedirect(contextPath + "/home/error");
                                return false;
                            }
                            httpServletResponse.addHeader("sessionstatus", AsmRelationshipUtils.DECLARE_ERROR);
                            httpServletResponse.addHeader("loginPath", "/home/error");
                            return false;
                        }
                    }
                }
            }
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    static {
        init();
    }
}
