package blackboard.platform.servlet;

import blackboard.platform.config.BbConfig;
import blackboard.platform.config.ConfigurationServiceFactory;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.nautilus.BaseSourceId;
import blackboard.platform.reporting.Parameters;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.vxi.data.VirtualInstallation;
import blackboard.platform.vxi.service.VirtualInstallationManagerFactory;
import blackboard.util.StringUtil;
import blackboard.util.XSSUtil;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/servlet/XssServletFilter.class */
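/**
 * Servlet filter that wraps eligible HTTP requests in an {@link XssFilterRequestWrapper}.
 *
 * <p>A request is wrapped only when the filter is enabled, the request context reports that
 * context initialisation is needed for the URI, and the URI does not start with one of the
 * configured exception prefixes. All other requests pass down the chain untouched.
 *
 * <p>Fail-open / fail-closed behaviour visible in this class:
 * <ul>
 *   <li>If the enable property is missing or is anything other than {@code "true"}
 *       (case-insensitive), the filter is disabled and no request is wrapped.</li>
 *   <li>If the filter-mode property is missing or invalid, the mode falls back to
 *       {@code XssFilterMode.FilterAllHtml}.</li>
 *   <li>If the exception file cannot be loaded, no URL is exempted.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code _isEnabled} and {@code _urlExceptionPattern} are plain fields that are
 * read on request threads and can be changed through the setters; confirm the setters are only
 * used before the filter serves traffic (e.g. in tests).
 */
public class XssServletFilter implements Filter {
    private static final String EXCEPTION_FILE = "config/internal/bb-xss-global-filter-exceptions.txt";
    /** Placeholder in an exception entry that is expanded once per virtual installation. */
    private static final String BBUID_PLACEHOLDER = "{bbuid}";
    private Pattern _urlExceptionPattern;
    private XssFilterMode _filterMode;
    private boolean _isEnabled;

    /**
     * Reads the enable flag, the filter mode and the URL exception list from configuration.
     *
     * <p>Configuration problems are logged rather than propagated, so the filter always
     * initialises; see the class comment for the resulting defaults.
     *
     * @param filterConfig the container-supplied configuration (not read by this method)
     * @throws ServletException declared by the {@link Filter} contract
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // Boolean.parseBoolean returns false for null, so a missing property disables the filter.
        this._isEnabled = Boolean.parseBoolean(ConfigurationServiceFactory.getInstance().getBbProperty(BbConfig.GLOBAL_XSS_FILTER));
        try {
            this._filterMode = XssFilterMode.valueOf(ConfigurationServiceFactory.getInstance().getBbProperty(BbConfig.GLOBAL_XSS_FILTER_MODE));
        } catch (Exception e) {
            // Covers both an unknown name and a missing (null) property value.
            LogServiceFactory.getInstance().logError("Invalid value specified for bb-config property: bbconfig.global.xss.filter.mode", e);
            this._filterMode = XssFilterMode.FilterAllHtml;
        }
        try {
            File exceptionFile = new File(ConfigurationServiceFactory.getInstance().getBlackboardDir(), EXCEPTION_FILE);
            this._urlExceptionPattern = generateUrlExceptionPattern(loadExceptionsFromFile(exceptionFile));
        } catch (Exception e2) {
            // The pattern stays null, so matchesException() is false and nothing is exempted.
            LogServiceFactory.getInstance().logError("Could not load global xss filter exception config file.", e2);
        }
    }

    /**
     * Loads the URL exception prefixes from a text file, one entry per line.
     *
     * <p>Lines are trimmed; empty lines and lines starting with {@code Parameters.PARAM_SEP}
     * are skipped (presumably the latter are comments - confirm the constant's value). An entry
     * containing <code>{bbuid}</code> is expanded into one entry per virtual installation, with
     * the placeholder replaced by that installation's BbUid.
     *
     * @param file the exception list to read
     * @return the set of literal URL prefixes; never {@code null}
     * @throws IOException if the file cannot be opened or read
     */
    public Set<String> loadExceptionsFromFile(File file) throws IOException {
        Set<String> exceptions = new HashSet<>();
        List<VirtualInstallation> installations = VirtualInstallationManagerFactory.getInstance().getAllVirtualInstallations();
        // try-with-resources closes the reader on every path and keeps the original failure
        // as the primary exception if close() also fails.
        // NOTE(review): FileReader decodes with the platform default charset on older JDKs;
        // confirm the exception file is ASCII-only or pin the charset.
        try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
            String line;
            while ((line = reader.readLine()) != null) {
                String entry = line.trim();
                if (!StringUtil.notEmpty(entry) || entry.startsWith(Parameters.PARAM_SEP)) {
                    continue;
                }
                if (entry.contains(BBUID_PLACEHOLDER)) {
                    for (VirtualInstallation installation : installations) {
                        exceptions.add(entry.replace(BBUID_PLACEHOLDER, installation.getBbUid()));
                    }
                } else {
                    exceptions.add(entry);
                }
            }
        }
        return exceptions;
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /**
     * Wraps the request in an {@link XssFilterRequestWrapper} when {@link #shouldFilter} says so;
     * otherwise forwards the request unchanged.
     *
     * <p>The effective mode is the configured one, except that a user holding
     * {@code XSSUtil.XSS_ENTITLEMENT} is always handled in
     * {@code XssFilterMode.FilterDangerousHtml}. What each mode removes is decided by the
     * wrapper, which is not defined in this class.
     *
     * @throws IOException      propagated from the rest of the chain
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean isHttp = servletRequest instanceof HttpServletRequest && servletResponse instanceof HttpServletResponse;
        if (!isHttp || !shouldFilter((HttpServletRequest) servletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        XssFilterMode effectiveMode = this._filterMode;
        // The entitlement lookup is skipped when the configured mode is already the one it would select.
        if (effectiveMode != XssFilterMode.FilterDangerousHtml && SecurityUtil.userHasEntitlement(XSSUtil.XSS_ENTITLEMENT)) {
            effectiveMode = XssFilterMode.FilterDangerousHtml;
        }
        filterChain.doFilter(new XssFilterRequestWrapper((HttpServletRequest) servletRequest, effectiveMode), servletResponse);
    }

    /**
     * Decides whether a request must be wrapped.
     *
     * <p>NOTE(review): the decision uses {@code getRequestURI()}, which the servlet API returns
     * as sent by the client (not URL-decoded). The exemption check and the later servlet
     * dispatch may therefore not see the same path; confirm that requests are normalised
     * before they reach this filter.
     *
     * @param httpServletRequest the incoming request
     * @return {@code true} if the filter is enabled, context initialisation is needed for the
     *         URI, and the URI matches no exception prefix
     */
    public boolean shouldFilter(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        return this._isEnabled && RequestContextUtil.get().contextInitNeeded(requestURI) && !matchesException(requestURI);
    }

    /** Returns {@code true} when an exception pattern is configured and the URI starts with one of its prefixes. */
    private boolean matchesException(String str) {
        return this._urlExceptionPattern != null && this._urlExceptionPattern.matcher(str).find();
    }

    /**
     * Builds a case-insensitive pattern that matches any URI starting with one of the given
     * literal prefixes.
     *
     * <p>Each entry is passed through {@link Pattern#quote}, so entries are never interpreted
     * as regular expressions. Entries are joined with {@code BaseSourceId.SEPARATOR}
     * (presumably the regex alternation character - confirm the constant's value).
     *
     * <p>{@code null} and empty entries are ignored: an empty prefix would match every URI and
     * silently exempt all requests from filtering.
     *
     * @param set the literal URL prefixes; may be {@code null} or empty
     * @return the compiled pattern, or {@code null} when there is no usable entry
     */
    public Pattern generateUrlExceptionPattern(Set<String> set) {
        if (set == null || set.isEmpty()) {
            return null;
        }
        StringBuilder alternatives = new StringBuilder();
        for (String prefix : set) {
            if (prefix == null || prefix.isEmpty()) {
                continue;
            }
            if (alternatives.length() > 0) {
                alternatives.append(BaseSourceId.SEPARATOR);
            }
            alternatives.append(Pattern.quote(prefix));
        }
        if (alternatives.length() == 0) {
            return null;
        }
        return Pattern.compile("^(" + alternatives + ")", Pattern.CASE_INSENSITIVE);
    }

    /** Overrides the enable flag read during {@link #init}. */
    public void setEnabled(boolean z) {
        this._isEnabled = z;
    }

    /** Overrides the exception pattern built during {@link #init}; {@code null} means no URL is exempted. */
    public void setUrlExceptionPattern(Pattern pattern) {
        this._urlExceptionPattern = pattern;
    }
}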
