package org.jamwiki.parser.jflex;

import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import org.jamwiki.Environment;
import org.jamwiki.parser.ParserException;
import org.jamwiki.parser.ParserInput;
import org.jamwiki.parser.ParserOutput;
import org.jamwiki.utils.WikiLogger;

/* loaded from: input_file:WEB-INF/lib/jamwiki-core.jar:org/jamwiki/parser/jflex/JavascriptTag.class */
public class JavascriptTag implements JFlexParserTag {
    private static final WikiLogger logger = WikiLogger.getLogger(JavascriptTag.class.getName());

    @Override // org.jamwiki.parser.jflex.JFlexParserTag
    public String parse(JFlexLexer jFlexLexer, String str, Object... objArr) throws ParserException {
        if (logger.isTraceEnabled()) {
            logger.trace("javascript: " + str + " (" + jFlexLexer.yystate() + ")");
        }
        return StringUtils.isBlank(str) ? str : parseScriptTag(jFlexLexer.getParserInput(), jFlexLexer.getParserOutput(), str, jFlexLexer.getMode());
    }

    private String parsePostProcess(ParserInput parserInput, String str) {
        if (Environment.getBooleanValue(Environment.PROP_PARSER_ALLOW_JAVASCRIPT)) {
            return str;
        }
        logger.warn("Potential XSS attack detected from user " + parserInput.getUserDisplay() + ": " + str);
        return StringEscapeUtils.escapeHtml(str);
    }

    private String parseScriptTag(ParserInput parserInput, ParserOutput parserOutput, String str, int i) throws ParserException {
        if (i >= 9) {
            return parsePostProcess(parserInput, str);
        }
        int indexOf = str.indexOf(62);
        String substring = str.substring(0, indexOf + 1);
        String substring2 = str.substring(indexOf + 1);
        int lastIndexOf = substring2.lastIndexOf(60);
        String substring3 = substring2.substring(lastIndexOf);
        String substring4 = substring2.substring(0, lastIndexOf);
        if (!Environment.getBooleanValue(Environment.PROP_PARSER_ALLOW_JAVASCRIPT)) {
            return StringEscapeUtils.escapeHtml(substring) + JFlexParserUtil.parseFragment(parserInput, parserOutput, substring4, i) + StringEscapeUtils.escapeHtml(substring3);
        }
        JFlexTagItem jFlexTagItem = new JFlexTagItem("script", substring);
        jFlexTagItem.getTagContent().append(substring4);
        return jFlexTagItem.toHtml();
    }
}
