package com.ailikes.common.security.utils;

import com.ailikes.common.security.constant.SecurityConstant;
import java.util.Iterator;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;

/* loaded from: input_file:com/ailikes/common/security/utils/ResponseHeaderSecurityCheck.class */
public class ResponseHeaderSecurityCheck {
    public static Cookie checkCookie(Cookie cookie) {
        if (cookie == null) {
            return cookie;
        }
        String name = cookie.getName();
        String value = cookie.getValue();
        if (containCLRF(name)) {
            throw new RuntimeException("cookie name could not contain CLRF " + name);
        }
        Cookie cookie2 = new Cookie(name, filterCLRF(value));
        cookie2.setComment(cookie.getComment());
        if (cookie.getDomain() != null) {
            cookie2.setDomain(cookie.getDomain());
        }
        if (ClassUtil.checkIfExsit(Cookie.class, "setHttpOnly") && ClassUtil.checkIfExsit(Cookie.class, "isHttpOnly")) {
            cookie2.setHttpOnly(cookie.isHttpOnly());
        }
        cookie2.setMaxAge(cookie.getMaxAge());
        cookie2.setPath(cookie.getPath());
        cookie2.setSecure(cookie.getSecure());
        cookie2.setVersion(cookie.getVersion());
        return cookie2;
    }

    private static boolean containCLRF(String str) {
        if (str == null || str.isEmpty()) {
            return false;
        }
        for (int i = 0; i < str.length(); i++) {
            if (str.charAt(i) == '\r' || str.charAt(i) == '\n') {
                return true;
            }
        }
        return false;
    }

    public static String filterCLRF(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            if (str.charAt(i) != '\r' && str.charAt(i) != '\n') {
                sb.append(str.charAt(i));
            }
        }
        return sb.toString();
    }

    public static boolean checkRedirectValid(String str) {
        if (str == null || str.isEmpty()) {
            return false;
        }
        Iterator<Pattern> it = SecurityConstant.redirectLocationWhiteList.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).find()) {
                return true;
            }
        }
        return false;
    }
}
