package org.owasp.esapi.waf.rules;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DefaultAction;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/PathExtensionRule.class
  input_file:WEB-INF/lib/org.apache.rampart.wso2-rampart-trust-1.6.1-wso2v42.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/PathExtensionRule.class
  input_file:WEB-INF/lib/rampart-core-1.6.1-wso2v42.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/PathExtensionRule.class
 */
/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.11-wso2v19.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/PathExtensionRule.class */
public class PathExtensionRule extends Rule {
    private Pattern allow;
    private Pattern deny;

    public PathExtensionRule(String str, Pattern pattern, Pattern pattern2) {
        this.allow = pattern;
        this.deny = pattern2;
        setId(str);
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        if (this.allow != null && this.allow.matcher(httpServletRequest.getRequestURI()).matches()) {
            return new DoNothingAction();
        }
        if (this.deny == null || !this.deny.matcher(httpServletRequest.getRequestURI()).matches()) {
            return new DoNothingAction();
        }
        log(httpServletRequest, "Disallowed extension pattern '" + this.deny.pattern() + "' found on URI '" + httpServletRequest.getRequestURI() + "'");
        return new DefaultAction();
    }
}
