package com.ailikes.common.security.filter.base;

import com.ailikes.common.security.constant.SecurityConstant;
import com.ailikes.common.security.utils.ResponseHeaderSecurityCheck;
import com.ailikes.common.security.utils.XssUtil;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/* loaded from: input_file:com/ailikes/common/security/filter/base/SecurityHttpServletResponse.class */
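/**
 * Response wrapper that passes cookies, header names and values, redirect targets and
 * status messages through the project's security helpers before delegating to the
 * wrapped {@link HttpServletResponse}.
 *
 * <p>Cookies are additionally subject to a name whitelist
 * ({@code SecurityConstant.cookieWhiteList}) and to a cumulative size budget
 * ({@link #MAX_COOKIE_SIZE}) tracked per wrapper instance.
 *
 * <p>NOTE(review): {@code addDateHeader}, {@code addIntHeader} and
 * {@code sendError(int, String)} are not overridden in this class, so calls to them reach
 * the wrapped response without going through these helpers. Confirm that is intended.
 *
 * <p>NOTE(review): the running cookie total is a plain {@code int} with no
 * synchronization; this assumes a response is written by one thread at a time.
 */
public class SecurityHttpServletResponse extends HttpServletResponseWrapper {
    /**
     * Upper bound on the summed length (in chars) of all cookie values accepted by one
     * wrapper instance. Only values are counted; names and attributes are not.
     */
    private static final int MAX_COOKIE_SIZE = 4096;

    /** Running total of the value lengths of the cookies accepted so far. */
    private int length;

    /**
     * Wraps the given response and starts with an empty cookie budget.
     *
     * @param httpServletResponse the response to decorate
     */
    public SecurityHttpServletResponse(HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
        this.length = 0;
    }

    /**
     * Adds a cookie if it fits the remaining size budget and its name is whitelisted.
     *
     * <p>A cookie that would push the cumulative value length above
     * {@link #MAX_COOKIE_SIZE} is dropped silently, before the whitelist is consulted.
     * Callers get no signal, so a missing cookie on the client may originate here.
     *
     * @param cookie the cookie to add
     * @throws IllegalArgumentException if {@code cookie} is {@code null}
     * @throws RuntimeException if the cookie name is not in the whitelist
     */
    @Override
    public void addCookie(Cookie cookie) {
        // Reject null explicitly: the original dereferenced the cookie before the null
        // check inside isInWhiteList could run, which surfaced as a bare NPE.
        if (cookie == null) {
            throw new IllegalArgumentException("cookie must not be null");
        }
        if (this.length + valueLength(cookie) > MAX_COOKIE_SIZE) {
            return;
        }
        if (!isInWhiteList(cookie)) {
            throw new RuntimeException("cookie:" + cookie.getName() + " is not in whitelist,not valid.");
        }
        super.addCookie(ResponseHeaderSecurityCheck.checkCookie(cookie));
        // Measured again after checkCookie, as the original did, in case that helper
        // changes the value in place (its behaviour is not visible from this class).
        this.length += valueLength(cookie);
    }

    /**
     * Sets a date header after passing the header name through
     * {@code ResponseHeaderSecurityCheck.filterCLRF}.
     *
     * @param str header name
     * @param j   header value in milliseconds since the epoch
     */
    @Override
    public void setDateHeader(String str, long j) {
        super.setDateHeader(ResponseHeaderSecurityCheck.filterCLRF(str), j);
    }

    /**
     * Sets an integer header after passing the header name through
     * {@code ResponseHeaderSecurityCheck.filterCLRF}.
     *
     * @param str header name
     * @param i   header value
     */
    @Override
    public void setIntHeader(String str, int i) {
        super.setIntHeader(ResponseHeaderSecurityCheck.filterCLRF(str), i);
    }

    /**
     * Adds a header; the name is passed through {@code filterCLRF} and the value through
     * {@code filterCLRF} followed by {@code XssUtil.xssFilter}.
     *
     * <p>NOTE(review): depending on what {@code xssFilter} rewrites, legitimate header
     * values containing markup-like characters may be altered. Verify against the
     * headers this application emits.
     *
     * @param str  header name
     * @param str2 header value
     */
    @Override
    public void addHeader(String str, String str2) {
        String safeName = ResponseHeaderSecurityCheck.filterCLRF(str);
        String safeValue = XssUtil.xssFilter(ResponseHeaderSecurityCheck.filterCLRF(str2), null);
        super.addHeader(safeName, safeValue);
    }

    /**
     * Sets a header; the name is passed through {@code filterCLRF} and the value through
     * {@code filterCLRF} followed by {@code XssUtil.xssFilter}.
     *
     * @param str  header name
     * @param str2 header value
     */
    @Override
    public void setHeader(String str, String str2) {
        String safeName = ResponseHeaderSecurityCheck.filterCLRF(str);
        String safeValue = XssUtil.xssFilter(ResponseHeaderSecurityCheck.filterCLRF(str2), null);
        super.setHeader(safeName, safeValue);
    }

    /**
     * Redirects only when {@code ResponseHeaderSecurityCheck.checkRedirectValid} accepts
     * the target.
     *
     * <p>NOTE(review): the rejected location is echoed verbatim in the exception
     * message. If that message is written to logs or rendered on an error page, it
     * carries caller-supplied text, so it should be encoded at that sink.
     *
     * @param str redirect location
     * @throws IOException      if the wrapped response fails to send the redirect
     * @throws RuntimeException if the location is rejected by the validity check
     */
    @Override
    public void sendRedirect(String str) throws IOException {
        if (!ResponseHeaderSecurityCheck.checkRedirectValid(str)) {
            throw new RuntimeException("redirect location " + str + " is not valid.");
        }
        super.sendRedirect(str);
    }

    /**
     * Sets the status code with a message passed through {@code XssUtil.xssFilter}.
     *
     * <p>This overload is deprecated in the Servlet API; it is kept so that legacy
     * callers still go through the filter.
     *
     * @param i   status code
     * @param str status message
     */
    @Override
    @SuppressWarnings("deprecation")
    public void setStatus(int i, String str) {
        super.setStatus(i, XssUtil.xssFilter(str, null));
    }

    /**
     * Returns the length of the cookie's value, treating a {@code null} value as empty
     * so that a value-less cookie does not fail with an NPE during size accounting.
     */
    private static int valueLength(Cookie cookie) {
        String value = cookie.getValue();
        return value == null ? 0 : value.length();
    }

    /**
     * Reports whether the cookie's name matches, ignoring case, an entry of
     * {@code SecurityConstant.cookieWhiteList}.
     *
     * @param cookie the cookie to look up; {@code null} or a {@code null} name yields
     *               {@code false}
     * @return {@code true} if the name is whitelisted
     */
    private boolean isInWhiteList(Cookie cookie) {
        if (cookie == null || cookie.getName() == null) {
            return false;
        }
        String name = cookie.getName();
        for (String allowed : SecurityConstant.cookieWhiteList) {
            // Comparing from the non-null name tolerates a null whitelist entry.
            if (name.equalsIgnoreCase(allowed)) {
                return true;
            }
        }
        return false;
    }
}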
