package org.opennms.web.servlet;

import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.opennms.core.utils.WebSecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opennms/web/servlet/XssRequestWrapper.class */
public class XssRequestWrapper extends HttpServletRequestWrapper {
    private static final Logger LOG = LoggerFactory.getLogger(XssRequestWrapper.class);
    private Map<String, String[]> sanitized_parameters;
    private Map<String, String[]> original_parameters;

    public XssRequestWrapper(HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.original_parameters = httpServletRequest.getParameterMap();
        this.sanitized_parameters = getParameterMap();
        snzLogger();
    }

    public String getParameter(String str) {
        String[] strArr = getParameterMap().get(str);
        if (strArr == null || strArr.length <= 0) {
            return null;
        }
        return strArr[0];
    }

    public Map<String, String[]> getParameterMap() {
        if (this.sanitized_parameters == null) {
            this.sanitized_parameters = sanitizeParamMap(this.original_parameters);
        }
        return this.sanitized_parameters;
    }

    public String[] getParameterValues(String str) {
        return getParameterMap().get(str);
    }

    public void removeAttribute(String str) {
        super.getRequest().removeAttribute(str);
    }

    public void setAttribute(String str, Object obj) {
        super.getRequest().setAttribute(str, obj);
    }

    public Object getAttribute(String str) {
        return super.getRequest().getAttribute(str);
    }

    public void setCharacterEncoding(String str) throws UnsupportedEncodingException {
        super.getRequest().setCharacterEncoding(str);
    }

    public String getCharacterEncoding() {
        return super.getRequest().getCharacterEncoding();
    }

    private static Map<String, String[]> sanitizeParamMap(Map<String, String[]> map) {
        HashMap hashMap = new HashMap();
        if (map == null) {
            return hashMap;
        }
        for (Map.Entry<String, String[]> entry : map.entrySet()) {
            String key = entry.getKey();
            String[] value = entry.getValue();
            String[] strArr = new String[value.length];
            for (int i = 0; i < value.length; i++) {
                strArr[i] = WebSecurityUtils.sanitizeString(value[i]);
            }
            hashMap.put(key, strArr);
        }
        return hashMap;
    }

    private void snzLogger() {
        for (Map.Entry<String, String[]> entry : this.original_parameters.entrySet()) {
            String key = entry.getKey();
            String[] value = entry.getValue();
            String[] strArr = this.sanitized_parameters.get(key);
            if (value != null && value.length > 0) {
                for (int i = 0; i < value.length; i++) {
                    if (value[i].equals(strArr[i])) {
                        LOG.debug("Sanitization. Param seems safe: {}[{}]={}", new Object[]{key, Integer.valueOf(i), strArr[i]});
                    } else {
                        LOG.debug("Sanitization. Param modified: {}[{}]={}", new Object[]{key, Integer.valueOf(i), strArr[i]});
                    }
                }
            }
        }
    }
}
