package com.ajaxjs.web.security;

import java.util.function.Function;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/ajaxjs/web/security/Filter.class */
public class Filter {
    private static Pattern CRLF_Pattern = Pattern.compile("\\r|\\n");
    private static String reg = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|(\\b(select|update|union|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)";
    private static Pattern SQL_Pattern = Pattern.compile(reg, 2);
    private static final Pattern XSS_Pattern = Pattern.compile("<script[^>]*?>.*?</script>");

    /* loaded from: input_file:com/ajaxjs/web/security/Filter$Handle.class */
    public enum Handle {
        TYPE_ESCAPSE,
        TYPE_DELETE
    }

    private static String clean(String str, Pattern pattern, Function<Matcher, String> function) {
        if (!StringUtils.hasText(str)) {
            return str;
        }
        Matcher matcher = pattern.matcher(str);
        return matcher.find() ? function == null ? matcher.replaceAll("") : function.apply(matcher) : str;
    }

    public static String cleanCRLF(String str) {
        return clean(str, CRLF_Pattern, null);
    }

    public static String cleanSqlInject(String str) {
        return clean(str, SQL_Pattern, null);
    }

    public static String cleanXSS(String str) {
        return cleanXSS(str, Handle.TYPE_DELETE);
    }

    public static String cleanXSS(String str, Handle handle) {
        return clean(str, XSS_Pattern, matcher -> {
            return handle == Handle.TYPE_DELETE ? matcher.replaceAll("") : matcher.group().replace("<", "&lt;").replace(">", "&gt;");
        });
    }
}
