package org.eclipse.help.internal.webapp.servlet;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Locale;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.eclipse.core.runtime.CoreException;
import org.eclipse.core.runtime.IConfigurationElement;
import org.eclipse.core.runtime.ILog;
import org.eclipse.core.runtime.Platform;
import org.eclipse.help.internal.webapp.WebappResources;
import org.eclipse.help.internal.webapp.data.UrlUtil;
import org.eclipse.help.internal.webapp.utils.Utils;

/* loaded from: input_file:org/eclipse/help/internal/webapp/servlet/ValidatorServlet.class */
public class ValidatorServlet extends HttpServlet {
    private static final long serialVersionUID = -3783758607845176051L;
    private final Hashtable<String, HttpServlet> servletTable = new Hashtable<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/help/internal/webapp/servlet/ValidatorServlet$HttpServletResponseAdv.class */
    public class HttpServletResponseAdv extends HttpServletResponseWrapper {
        private final HttpServletResponse response;
        private ServletPrintWriter writer;
        private ServletOutputStream stream;

        public HttpServletResponseAdv(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
            this.response = httpServletResponse;
        }

        public PrintWriter getWriter() {
            if (this.writer == null && this.stream == null) {
                this.writer = new ServletPrintWriter();
            }
            return this.writer;
        }

        public ServletOutputStream getOutputStream() throws IOException {
            if (this.stream == null && this.writer == null) {
                this.stream = this.response.getOutputStream();
            }
            return this.stream;
        }

        public void commitOutput() throws IOException {
            ServletOutputStream outputStream = this.response.getOutputStream();
            InputStream inputStream = getInputStream();
            if (inputStream != null) {
                Utils.transferContent(inputStream, outputStream);
            }
            outputStream.flush();
        }

        public InputStream getInputStream() {
            if (this.writer == null) {
                return null;
            }
            try {
                return new ByteArrayInputStream(this.writer.toString().getBytes(getCharacterEncoding()));
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
                return null;
            }
        }

        public String getString() {
            if (this.writer != null) {
                return this.writer.toString();
            }
            return null;
        }
    }

    protected void process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        String substring = stringBuffer.substring(0, stringBuffer.indexOf(httpServletRequest.getServletPath()));
        Locale localeObj = UrlUtil.getLocaleObj(httpServletRequest, httpServletResponse);
        String substring2 = httpServletRequest.getRequestURL().toString().substring(substring.length() + "/vs".length());
        try {
            HttpServletResponseAdv httpServletResponseAdv = new HttpServletResponseAdv(httpServletResponse);
            HttpServlet servlet = getServlet(substring2);
            servlet.init(getServletConfig());
            servlet.service(httpServletRequest, httpServletResponseAdv);
            if (isSecure(httpServletRequest, httpServletResponseAdv)) {
                httpServletResponseAdv.commitOutput();
            }
        } catch (Exception e) {
            String string = WebappResources.getString("cantCreateServlet", localeObj, substring2);
            ILog.of(getClass()).error(string, e);
            PrintWriter writer = httpServletResponse.getWriter();
            writer.println(string);
            e.printStackTrace(writer);
            httpServletResponse.sendError(500);
        }
    }

    private HttpServlet getServlet(String str) throws CoreException {
        HttpServlet httpServlet = this.servletTable.get(str);
        if (httpServlet == null) {
            IConfigurationElement[] configurationElementsFor = Platform.getExtensionRegistry().getConfigurationElementsFor("org.eclipse.help.webapp.validatedServlet");
            int length = configurationElementsFor.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                IConfigurationElement iConfigurationElement = configurationElementsFor[i];
                String attribute = iConfigurationElement.getAttribute("alias");
                if (attribute != null && isMatch(attribute, str)) {
                    httpServlet = (HttpServlet) iConfigurationElement.createExecutableExtension("class");
                    this.servletTable.put(str, httpServlet);
                    break;
                }
                i++;
            }
        }
        return httpServlet;
    }

    private boolean isMatch(String str, String str2) {
        char charAt;
        if (str2.indexOf(str) != 0) {
            return false;
        }
        int length = str.length();
        return str2.length() == length || (charAt = str2.charAt(length)) == '/' || charAt == '?';
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        process(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        process(httpServletRequest, httpServletResponse);
    }

    public boolean isSecure(HttpServletRequest httpServletRequest, HttpServletResponseAdv httpServletResponseAdv) throws SecurityException {
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        while (parameterNames.hasMoreElements()) {
            String parameter = httpServletRequest.getParameter((String) parameterNames.nextElement());
            arrayList.add(parameter);
            if (replaceAll(parameter, '+', "").indexOf("<script") > -1) {
                arrayList2.add(parameter);
            }
        }
        if (httpServletResponseAdv.getWriter() == null) {
            return true;
        }
        String string = httpServletResponseAdv.getString();
        Iterator it = arrayList2.iterator();
        while (it.hasNext()) {
            if (string.indexOf((String) it.next()) > -1) {
                throw new SecurityException("Potential cross-site scripting detected.");
            }
        }
        return true;
    }

    public String replaceAll(String str, char c, String str2) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (charAt == c) {
                sb.append(str2);
            } else {
                sb.append(charAt);
            }
        }
        return sb.toString();
    }
}
