package org.n52.security.service.config.support;

import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

/* loaded from: input_file:org/n52/security/service/config/support/XSSCleaner.class */
public class XSSCleaner {
    private static final List FORBIDDEN_TAGS = new ArrayList();
    private StringBuilder m_patternBuilder = new StringBuilder();
    private Pattern m_pattern;

    public XSSCleaner() {
        this.m_patternBuilder.append("(?i)");
        appendInlineJavascriptPattern();
        appendMochaPattern();
        appendVBScriptPattern();
        appendLivescriptPattern();
        appendEventPattern();
        appendEvalPattern();
        appendExpressionPattern();
        appendForbiddenTags();
        this.m_pattern = Pattern.compile(this.m_patternBuilder.toString());
    }

    private void appendInlineJavascriptPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*javascript:.*>.*</.*>)|(?:<.*javascript:.*>)");
    }

    private void appendMochaPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*mocha:.*>.*</.*>)|(?:<.*mocha:.*>)");
    }

    private void appendVBScriptPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*vbscript:.*>.*</.*>)|(?:<.*vbscript:.*>)");
    }

    private void appendLivescriptPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*livescript:.*>.*</.*>)|(?:<.*livescript:.*>)");
    }

    private void appendEventPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*\\s+on.*>.*</.*>)|(?:<.*\\s+on.*>)");
    }

    private void appendEvalPattern() {
        appendPatternAndPrepareForNextPattern("(?:<.*eval.*>.*</.*>)|(?:<.*eval.*>)");
    }

    private void appendExpressionPattern() {
        this.m_patternBuilder.append("(?:<.*expression.*>.*</.*>)|(?:<.*expression.*>)");
    }

    private void appendForbiddenTags() {
        for (String str : FORBIDDEN_TAGS) {
            this.m_patternBuilder.append("|");
            this.m_patternBuilder.append(new StringBuffer().append("(?:<").append(str).append("\\s?.*>.*</script\\s*>)|(?:<").append(str).append("\\s?.*>.*)").toString());
        }
    }

    private void appendPatternAndPrepareForNextPattern(String str) {
        this.m_patternBuilder.append(str);
        this.m_patternBuilder.append("|");
    }

    public String[] cleanValues(String[] strArr) {
        int length = strArr.length;
        String[] strArr2 = new String[length];
        for (int i = 0; i < length; i++) {
            strArr2[i] = cleanValue(strArr[i]);
        }
        return strArr2;
    }

    public String cleanValue(String str) {
        return removeControllCharacters(this.m_pattern.matcher(str).replaceAll(""));
    }

    private String removeControllCharacters(String str) {
        return str.replace("��", "").replace("\u0001", "").replace("\u0002", "").replace("\u0003", "").replace("\u0004", "").replace("\u0005", "").replace("\u0006", "").replace("\u0007", "").replace("\b", "").replace("\t", "").replace("\n", "").replace("\u000b", "").replace("\f", "").replace("\r", "").replace("\u000e", "").replace("\u000f", "").replace("\u0010", "").replace("\u0011", "").replace("\u0012", "").replace("\u0013", "").replace("\u0014", "").replace("\u0015", "").replace("\u0016", "").replace("\u0017", "").replace("\u0018", "").replace("\u0019", "").replace("\u001a", "").replace("\u001b", "").replace("\u001c", "").replace("\u001d", "").replace("\u001e", "").replace("\u001f", "");
    }

    static {
        FORBIDDEN_TAGS.add("script");
        FORBIDDEN_TAGS.add("form");
        FORBIDDEN_TAGS.add("applet");
        FORBIDDEN_TAGS.add("embed");
        FORBIDDEN_TAGS.add("object");
        FORBIDDEN_TAGS.add("layer");
        FORBIDDEN_TAGS.add("style");
        FORBIDDEN_TAGS.add("meta");
        FORBIDDEN_TAGS.add("iframe");
        FORBIDDEN_TAGS.add("frame");
        FORBIDDEN_TAGS.add("link");
        FORBIDDEN_TAGS.add("import");
    }
}
