package org.owasp.esapi.waf.rules;

import java.util.List;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/AddHeaderRule.class
  input_file:WEB-INF/lib/wss4j-1.5.11-wso2v19.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/AddHeaderRule.class
 */
/* loaded from: input_file:WEB-INF/lib/rampart-core-1.6.1-wso2v42.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/AddHeaderRule.class */
public class AddHeaderRule extends Rule {
    private String header;
    private String value;
    private Pattern path;
    private List<Object> exceptions;

    public AddHeaderRule(String str, String str2, String str3, Pattern pattern, List<Object> list) {
        setId(str);
        this.header = str2;
        this.value = str3;
        this.path = pattern;
        this.exceptions = list;
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        DoNothingAction doNothingAction = new DoNothingAction();
        if (this.path.matcher(httpServletRequest.getRequestURI()).matches()) {
            for (int i = 0; i < this.exceptions.size(); i++) {
                Object obj = this.exceptions.get(i);
                if (obj instanceof String) {
                    if (httpServletRequest.getRequestURI().equals((String) obj)) {
                        doNothingAction.setFailed(false);
                        doNothingAction.setActionNecessary(false);
                        return doNothingAction;
                    }
                } else if ((obj instanceof Pattern) && ((Pattern) obj).matcher(httpServletRequest.getRequestURI()).matches()) {
                    doNothingAction.setFailed(false);
                    doNothingAction.setActionNecessary(false);
                    return doNothingAction;
                }
            }
            doNothingAction.setFailed(true);
            doNothingAction.setActionNecessary(false);
            if (interceptingHTTPServletResponse != null) {
                interceptingHTTPServletResponse.setHeader(this.header, this.value);
            } else {
                httpServletResponse.setHeader(this.header, this.value);
            }
        }
        return doNothingAction;
    }
}
