package org.wso2.carbon.ui.filters;

import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.base.ServerConfiguration;

/* loaded from: input_file:org/wso2/carbon/ui/filters/CRLFPreventionFilter.class */
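/**
 * Servlet filter that defends against HTTP response splitting / header injection.
 *
 * <p>When enabled, every {@link HttpServletResponse} passed down the chain is wrapped in a
 * {@link CRLFResponseWrapper}, which strips carriage-return and line-feed characters (raw and
 * in their {@code %0D} / {@code %0A} percent-encoded form) from header names and values,
 * cookie values, paths and domains, and redirect targets.
 *
 * <p>The protection is opt-in: it is active only when the server configuration property
 * {@code Security.CRLFPreventionConfig.Enabled} parses as {@code true}. If the property is
 * missing or has any other value, responses pass through unmodified.
 */
public class CRLFPreventionFilter implements Filter {
    private static final String CRLF_CONFIG_ENABLED_PROPERTY = "Security.CRLFPreventionConfig.Enabled";

    // Static, so the switch is shared by every instance of this filter in the class loader.
    // It is only ever turned on by init(); nothing in this class turns it off again.
    private static boolean CRLFPreventionEnabled = false;

    /**
     * Response wrapper that sanitizes the values it forwards to the wrapped response.
     *
     * <p>NOTE(review): only {@code addCookie}, {@code addHeader}, {@code setHeader} and
     * {@code sendRedirect} are intercepted. Other setters that take caller-supplied text
     * (for example the status-message overloads) are forwarded untouched; confirm that the
     * target container encodes or ignores those.
     */
    protected static class CRLFResponseWrapper extends HttpServletResponseWrapper {
        // Raw CR/LF plus the percent-encoded forms in either hex-digit case.
        private static final Pattern CRLF_PATTERN = Pattern.compile("\\r|\\n|%0[DdAa]");

        public CRLFResponseWrapper(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        /**
         * Sanitizes the cookie's value, path and domain in place, then forwards the cookie.
         *
         * @param cookie the cookie to add; it is mutated by this call
         */
        @Override
        public void addCookie(Cookie cookie) {
            cookie.setValue(sanitize(cookie.getValue()));
            // Path and domain are also written into the Set-Cookie header line, so they get
            // the same treatment. Null attributes are left unset rather than passed to setters.
            if (cookie.getPath() != null) {
                cookie.setPath(sanitize(cookie.getPath()));
            }
            if (cookie.getDomain() != null) {
                cookie.setDomain(sanitize(cookie.getDomain()));
            }
            super.addCookie(cookie);
        }

        /**
         * Adds a header after sanitizing both its name and its value.
         *
         * @param str header name
         * @param str2 header value
         */
        @Override
        public void addHeader(String str, String str2) {
            super.addHeader(sanitize(str), sanitize(str2));
        }

        /**
         * Sets a header after sanitizing both its name and its value.
         *
         * @param str header name
         * @param str2 header value
         */
        @Override
        public void setHeader(String str, String str2) {
            super.setHeader(sanitize(str), sanitize(str2));
        }

        /**
         * Sends a redirect to the sanitized location.
         *
         * @param str redirect target
         * @throws IOException if the wrapped response fails to send the redirect
         */
        @Override
        public void sendRedirect(String str) throws IOException {
            super.sendRedirect(sanitize(str));
        }

        /**
         * Removes CR/LF characters and their percent-encoded forms from {@code str}.
         *
         * <p>Two deliberate choices:
         * <ul>
         *   <li>Only {@code null} and the empty string are returned as-is. A whitespace-only
         *       value is still sanitized, because CR and LF are themselves whitespace and a
         *       "blank" check would let a value made purely of line breaks through.</li>
         *   <li>Stripping is repeated until the value stops changing. Removing a token in a
         *       single pass can join the surrounding characters into a new token, so one pass
         *       is not enough to guarantee the result is free of the encoded forms.</li>
         * </ul>
         *
         * @param str the value to sanitize; may be {@code null}
         * @return the sanitized value, or {@code str} itself when it is {@code null} or empty
         */
        private String sanitize(String str) {
            if (str == null || str.isEmpty()) {
                return str;
            }
            String current = str;
            String previous;
            // Each pass that changes anything shortens the string, so this always terminates.
            do {
                previous = current;
                current = CRLF_PATTERN.matcher(previous).replaceAll("");
            } while (!current.equals(previous));
            return current;
        }
    }

    /**
     * Reads the enable flag from the server configuration.
     *
     * @param filterConfig unused
     * @throws ServletException never thrown by this implementation
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String configured = ServerConfiguration.getInstance().getFirstProperty(CRLF_CONFIG_ENABLED_PROPERTY);
        // Boolean.parseBoolean(null) is false, so a missing property leaves the filter off.
        if (Boolean.parseBoolean(configured)) {
            CRLFPreventionEnabled = true;
        }
    }

    /**
     * Wraps HTTP responses in a {@link CRLFResponseWrapper} when the filter is enabled;
     * otherwise passes the request and response down the chain unchanged.
     *
     * @throws IOException propagated from the rest of the chain
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        ServletResponse outgoing = servletResponse;
        if (CRLFPreventionEnabled && (servletResponse instanceof HttpServletResponse)) {
            outgoing = new CRLFResponseWrapper((HttpServletResponse) servletResponse);
        }
        filterChain.doFilter(servletRequest, outgoing);
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }
}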
