package org.wso2.carbon.jaggeryapp.template.deployer.internal.util;

import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xerces.util.SecurityManager;
import org.wso2.carbon.jaggeryapp.template.deployer.internal.JaggeryappTemplateDeployerException;

/* loaded from: input_file:org/wso2/carbon/jaggeryapp/template/deployer/internal/util/JaggeryappTemplateDeployerHelper.class */
public class JaggeryappTemplateDeployerHelper {
    private static final Log log = LogFactory.getLog(JaggeryappTemplateDeployerHelper.class);

    public static void validateFilePath(String str) throws JaggeryappTemplateDeployerException {
        if (str.contains("../") || str.contains("..\\")) {
            throw new JaggeryappTemplateDeployerException("File name contains restricted path elements. " + str);
        }
    }

    public static DocumentBuilderFactory getSecuredDocumentBuilder() {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        newInstance.setXIncludeAware(false);
        newInstance.setExpandEntityReferences(false);
        try {
            newInstance.setFeature("http://xml.org/sax/features/external-general-entities", false);
            newInstance.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            newInstance.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        } catch (ParserConfigurationException e) {
            log.error("Failed to load XML Processor Feature external-general-entities or external-parameter-entities or nonvalidating/load-external-dtd");
        }
        SecurityManager securityManager = new SecurityManager();
        securityManager.setEntityExpansionLimit(0);
        newInstance.setAttribute("http://apache.org/xml/properties/security-manager", securityManager);
        return newInstance;
    }
}
