package org.owasp.esapi.waf.rules;

import java.util.Enumeration;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DefaultAction;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletRequest;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/opensaml-2.6.4.wso2v5.jar:esapi-2.0.1.jar:org/owasp/esapi/waf/rules/GeneralAttackSignatureRule.class
 */
/* loaded from: input_file:WEB-INF/lib/esapi-2.0.1.jar:org/owasp/esapi/waf/rules/GeneralAttackSignatureRule.class */
public class GeneralAttackSignatureRule extends Rule {
    private Pattern signature;

    public GeneralAttackSignatureRule(String str, Pattern pattern) {
        this.signature = pattern;
        setId(str);
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        InterceptingHTTPServletRequest interceptingHTTPServletRequest = (InterceptingHTTPServletRequest) httpServletRequest;
        Enumeration<String> parameterNames = interceptingHTTPServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String nextElement = parameterNames.nextElement();
            if (this.signature.matcher(interceptingHTTPServletRequest.getDictionaryParameter(nextElement)).matches()) {
                log(interceptingHTTPServletRequest, "General attack signature detected in parameter '" + nextElement + "' value '" + interceptingHTTPServletRequest.getDictionaryParameter(nextElement) + "'");
                return new DefaultAction();
            }
        }
        return new DoNothingAction();
    }
}
