package fun.bigtable.kraken.util;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;

/* loaded from: input_file:fun/bigtable/kraken/util/XssEscapeUtils.class */
public class XssEscapeUtils {
    public static List<Pattern> patternList = new ArrayList();

    public static String escape(String str) {
        StringBuilder sb = new StringBuilder(str.length() + 16);
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '%':
                    sb.append((char) 65285);
                    break;
                case '\'':
                    sb.append((char) 8216);
                    break;
                case '<':
                    sb.append((char) 65308);
                    break;
                case '>':
                    sb.append((char) 65310);
                    break;
                case '\\':
                    sb.append((char) 65340);
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    public static String stripXSS(String str) {
        if (str != null) {
            Iterator<Pattern> it = patternList.iterator();
            while (it.hasNext()) {
                it.next().matcher(str).replaceAll("");
            }
        }
        return str;
    }

    public static boolean checkXSS(String str) {
        if (str == null) {
            return false;
        }
        Iterator<Pattern> it = patternList.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    static {
        patternList.add(Pattern.compile("<script>(.*?)</script>", 2));
        patternList.add(Pattern.compile("src[\r\n]*=[\r\n]*\\'(.*?)\\'", 42));
        patternList.add(Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", 42));
        patternList.add(Pattern.compile("</script>", 2));
        patternList.add(Pattern.compile("<script(.*?)>", 42));
        patternList.add(Pattern.compile("eval\\((.*?)\\)", 42));
        patternList.add(Pattern.compile("expression\\((.*?)\\)", 42));
        patternList.add(Pattern.compile("javascript:", 2));
        patternList.add(Pattern.compile("vbscript:", 2));
        patternList.add(Pattern.compile("onload(.*?)=", 42));
        patternList.add(Pattern.compile("<iframe>(.*?)</iframe>", 2));
        patternList.add(Pattern.compile("</iframe>", 2));
        patternList.add(Pattern.compile("<iframe(.*?)>", 42));
    }
}
