package org.owasp.esapi.waf.rules;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DefaultAction;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.configuration.AppGuardianConfiguration;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/DetectOutboundContentRule.class
  input_file:WEB-INF/lib/wss4j-1.5.11-wso2v19.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/DetectOutboundContentRule.class
 */
/* loaded from: input_file:WEB-INF/lib/rampart-core-1.6.1-wso2v42.jar:esapi-2.1.0.1.jar:org/owasp/esapi/waf/rules/DetectOutboundContentRule.class */
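/**
 * WAF rule that inspects a buffered outbound response body and signals the default action when
 * the body matches a configured regular expression.
 *
 * <p>The rule applies only when the request URI matches {@code uri} (if one is configured) and the
 * response content type matches {@code contentType}.
 *
 * <p>Operational caveats for rule authors:
 * <ul>
 *   <li>The body is tested with {@link java.util.regex.Matcher#matches()}, so the pattern must
 *       cover the <em>entire</em> response body. A pattern meant to detect a fragment needs
 *       leading/trailing wildcards, and {@link Pattern#DOTALL} if the body can span lines;
 *       otherwise the rule will not fire.</li>
 *   <li>The rule fails open: if the body cannot be read or decoded, the response is let through
 *       and only a log entry is written. Monitor those log entries.</li>
 * </ul>
 */
public class DetectOutboundContentRule extends Rule {
    /** Pattern the response content type must fully match for the body to be inspected. */
    private final Pattern contentType;
    /** Pattern the decoded response body must fully match for the rule to fire. */
    private final Pattern pattern;
    /** Optional pattern the request URI must fully match; {@code null} means every URI. */
    private final Pattern uri;

    /**
     * Creates the rule.
     *
     * @param str rule identifier, passed to {@code setId}
     * @param pattern content-type pattern
     * @param pattern2 response-body pattern
     * @param pattern3 request-URI pattern, or {@code null} to apply the rule to all URIs
     */
    public DetectOutboundContentRule(String str, Pattern pattern, Pattern pattern2, Pattern pattern3) {
        this.contentType = pattern;
        this.pattern = pattern2;
        this.uri = pattern3;
        setId(str);
    }

    /**
     * Checks the buffered response body against the configured content pattern.
     *
     * @param httpServletRequest the request being served
     * @param interceptingHTTPServletResponse the buffering response wrapper, or {@code null} when
     *     the response is not being intercepted (the body then cannot be inspected)
     * @param httpServletResponse the underlying response, consulted only when no wrapper is given
     * @return a {@link DefaultAction} when the body matches the content pattern, otherwise a
     *     {@link DoNothingAction}
     */
    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        if (this.uri != null && !this.uri.matcher(httpServletRequest.getRequestURI()).matches()) {
            return new DoNothingAction();
        }

        String responseContentType;
        String characterEncoding;
        if (interceptingHTTPServletResponse != null) {
            if (interceptingHTTPServletResponse.getContentType() == null) {
                interceptingHTTPServletResponse.setContentType(AppGuardianConfiguration.DEFAULT_CONTENT_TYPE);
            }
            responseContentType = interceptingHTTPServletResponse.getContentType();
            characterEncoding = interceptingHTTPServletResponse.getCharacterEncoding();
        } else {
            if (httpServletResponse.getContentType() == null) {
                httpServletResponse.setContentType(AppGuardianConfiguration.DEFAULT_CONTENT_TYPE);
            }
            responseContentType = httpServletResponse.getContentType();
            characterEncoding = httpServletResponse.getCharacterEncoding();
        }

        // The content type can still be null if the default could not be applied (for example on
        // an already-committed response); treat that as "rule does not apply" instead of an NPE.
        if (responseContentType == null || !this.contentType.matcher(responseContentType).matches()) {
            return new DoNothingAction();
        }

        // Only the intercepting wrapper holds the buffered body. Previously a null wrapper was
        // dereferenced here and the resulting NullPointerException escaped the rule.
        if (interceptingHTTPServletResponse == null) {
            log(httpServletRequest, "Content pattern '" + this.pattern.pattern() + "' could not be checked because the response is not being intercepted (in response to URL: '" + httpServletRequest.getRequestURL() + "')");
            return new DoNothingAction();
        }

        try {
            byte[] body = interceptingHTTPServletResponse.getInterceptingServletOutputStream().getResponseBytes();
            // matches() is a whole-input match: the pattern has to describe the complete body.
            if (this.pattern.matcher(new String(body, characterEncoding)).matches()) {
                log(httpServletRequest, "Content pattern '" + this.pattern.pattern() + "' was found in response to URL: '" + httpServletRequest.getRequestURL() + "'");
                return new DefaultAction();
            }
        } catch (UnsupportedEncodingException e) {
            // Must precede the IOException handler: UnsupportedEncodingException is a subclass of
            // IOException, so with the handlers nested the other way this message was unreachable.
            log(httpServletRequest, "Content pattern '" + this.pattern.pattern() + "' could not be found due to encoding error: " + e.getMessage());
        } catch (IOException e) {
            // Fail open: an unreadable body is passed through uninspected, leaving only this log line.
            log(httpServletRequest, "Error matching pattern '" + this.pattern.pattern() + "', IOException encountered (possibly too large?): " + e.getMessage() + " (in response to URL: '" + httpServletRequest.getRequestURL() + "')");
        }
        return new DoNothingAction();
    }
}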
