package com.jeesuite.springweb.utils;

import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/jeesuite/springweb/utils/UnsafeCharCheckUtils.class */
public class UnsafeCharCheckUtils {
    private static final String[] SEARCH_LIST = {"'", "--", "<", ">", "%3C", "%3E", "%3c", "%3e", "&lt;", "&gt;"};
    private static final String[] REPLACEMENT_LIST = {"‘", "", "", "", "", "", "", "", "", ""};
    private static Pattern openclosePattern = Pattern.compile("<.*>(.*?)</.*>", 42);
    private static Pattern scriptPattern = Pattern.compile("<script>(.*?)</script>", 42);
    private static Pattern imgPattern = Pattern.compile("<img(.*?)>", 42);
    private static Pattern aPattern = Pattern.compile("<a>(.*?)</a>", 42);
    private static Pattern evalPattern = Pattern.compile("eval\\((.*?)\\)", 42);
    private static Pattern expressionPattern = Pattern.compile("e\u00adxpression\\((.*?)\\)", 42);
    private static Pattern onEventPattern = Pattern.compile("on(\\w{4,9})\\s+=", 42);

    /* loaded from: input_file:com/jeesuite/springweb/utils/UnsafeCharCheckUtils$CheckMode.class */
    public enum CheckMode {
        REPLACE,
        INTERCEPT
    }

    public static boolean isSafeString(String str, boolean z) {
        if (StringUtils.isBlank(str)) {
            return true;
        }
        if (!z) {
            return (openclosePattern.matcher(str).find() || imgPattern.matcher(str).find() || aPattern.matcher(str).find() || evalPattern.matcher(str).find() || expressionPattern.matcher(str).find() || onEventPattern.matcher(str).find()) ? false : true;
        }
        for (String str2 : SEARCH_LIST) {
            if (str.contains(str2)) {
                return false;
            }
        }
        return true;
    }

    public static String replaceSpecChars(String str) {
        if (StringUtils.isNotBlank(str)) {
            str = onEventPattern.matcher(expressionPattern.matcher(evalPattern.matcher(StringUtils.replaceEach(str.replaceAll("��", ""), SEARCH_LIST, REPLACEMENT_LIST)).replaceAll("")).replaceAll("")).replaceAll("");
        }
        return str;
    }

    public static void main(String[] strArr) {
        System.out.println(isSafeString("aaa@aa.com\"&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;", true));
        System.out.println(replaceSpecChars("aaa@aa.com\"&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;"));
    }
}
