package com.jxdinfo.hussar.common.firewall.xss;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/jxdinfo/hussar/common/firewall/xss/XssPattern.class */
public class XssPattern {
    static final Pattern DIVINE_LEVEL_PATTERN = Pattern.compile(".*([\\\\s%09]*(j|&\\#[0]{0,4}106|&\\#x[0]{0,4}6a)[\\\\s%09]*(a|&\\#[0]{0,4}97|&\\#x[0]{0,4}61)[\\\\s%09]*(v|&\\#[0]{0,4}118|&\\#x[0]{0,4}76)[\\\\s%09]*(a|&\\#[0]{0,4}97|&\\#x[0]{0,4}61)[\\\\s%09]*(s|&\\#[0]{0,4}115|&\\#x[0]{0,4}73)[\\\\s%09]*(c|&\\#[0]{0,4}99|&\\#x[0]{0,4}63)[\\\\s%09]*(r|&\\#[0]{0,4}114|&\\#x[0]{0,4}72)[\\\\s%09]*(i|&\\#[0]{0,4}105|&\\#x[0]{0,4}69)[\\\\s%09]*(p|&\\#[0]{0,4}112|&\\#x[0]{0,4}70)[\\\\s%09]*(t|&\\#[0]{0,4}116|&\\#x[0]{0,4}74)[\\\\s%09]*(\\:|%3A|&\\#[0]{0,4}58|&\\#x[0]{0,4}3a)*[\\\\s%09]*|[\\\\s%09]*(a|&\\#[0]{0,4}97|&\\#x[0]{0,4}61)[\\\\s%09]*(l|&\\#[0]{0,4}108|&\\#x[0]{0,4}6c)[\\\\s%09]*(e|&\\#[0]{0,4}101|&\\#x[0]{0,4}65)[\\\\s%09]*(r|&\\#[0]{0,4}114|&\\#x[0]{0,4}72)[\\\\s%09]*(t|&\\#[0]{0,4}116|&\\#x[0]{0,4}74)|(%27|\\\\'|&\\#[0]{0,4}39)|/(<|%3c|&lt|&\\#[0]{0,4}60)|--|[\\\\s+]and[\\\\s+]|/[\\\\*].*[\\\\*]/and[\\\\s+]|/[\\\\*].*[\\\\*]/and/[\\\\*].*[\\\\*]/|[\\\\s+]and/[\\\\*].*[\\\\*]/(<|%3c|&lt|&\\#[0]{0,4}60)|[\\\\s+]or[\\\\s+]|/[\\\\*].*[\\\\*]/or[\\\\s+]|/[\\\\*].*[\\\\*]/or/[\\\\*].*[\\\\*]/|[\\\\s+]or/[\\\\*].*[\\\\*]/|[\\:%3A](<|%3c|&lt|&\\#[0]{0,4}60)[^\\:%3A]|[^\\:%3A](<|%3c|&lt|&\\#[0]{0,4}60)[\\:%3A]|[\\:%3A](>|%3e|&gt|&\\#[0]{0,4}62)[^\\:%3A]|[^\\:%3A](>|%3e|&gt|&\\#[0]{0,4}62)[\\:%3A]|^(<|%3c|&lt|&\\#[0]{0,4}60).*|^(>|%3e|&gt|&\\#[0]{0,4}62).*|(<|%3c|&lt|&\\#[0]{0,4}60)$|(>|%3e|&gt|&\\#[0]{0,4}62)$|[^\\:%3A](>|%3e|&gt|&\\#[0]{0,4}62)[^\\:%3A]|[^\\:%3A](<|%3c|&lt|&\\#[0]{0,4}60)[^\\:%3A]|(\"|%22|&#[0]{0,4}34)).*");
    static final Pattern scriptPattern = Pattern.compile("<script>(.*?)</script>", 2);
    static final Pattern srcScriptPattern = Pattern.compile("src[\r\n]*=[\r\n]*\\'(.*?)\\'", 42);
    static final Pattern srcScriptPattern2 = Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", 42);
    static final Pattern singleScriptPattern = Pattern.compile("</script>", 2);
    static final Pattern singleScriptPattern2 = Pattern.compile("<script(.*?)>", 42);
    static final Pattern evalScriptPattern = Pattern.compile("eval\\((.*?)\\)", 42);
    static final Pattern xpressionScriptPattern = Pattern.compile("e\u00adxpression\\((.*?)\\)", 42);
    static final Pattern javascriptScriptPattern = Pattern.compile("javascript:", 2);
    static final Pattern vbsScriptPattern = Pattern.compile("vbscript:", 2);
    static final Pattern onloadScriptPattern = Pattern.compile("onload(.*?)=", 42);
    static final Pattern onmousScriptPattern = Pattern.compile("onmouse(.*?)=", 42);
    static final Pattern alertScriptPattern = Pattern.compile("alert(\\s*?)\\((.*?)\\)", 42);
    static final Pattern iframeScriptPattern = Pattern.compile("('|\"){0,2}><iframe(\\s)+(.*?)>|><iframe(\\s)+(.*?)>|<iframe(\\s)+(.*?)>", 42);
    static final Pattern aTagPattern = Pattern.compile("(\"|'){0,2}><a(\\s)+(href=)+(.*?)>(.*?)</a>", 42);
    static final Pattern otherScriptPattern = Pattern.compile("on(after|before){1}print(.*?)=|onload(.*?)=|on(before){0,1}unload(.*?)=|onerror(.*?)=|on(has|form){0,1}change(.*?)=|onmessage(.*?)=|on(on|off){0,1}line(.*?)=|onpage(hide|show){1}(.*?)=|onpopstate(.*?)=|onre(do|size|set){1}(.*?)=|onstorage(.*?)=|onundo(.*?)=|onblur(.*?)=|oncontextmenu(.*?)=|onfocus(.*?)=|on(form){0,1}input(.*?)=|oninvalid(.*?)=|onselect(.*?)=|onsubmit(.*?)=|onkey(up|down|press){1}(.*?)=|on(db){0,1}click(.*?)=|ondrag(end|enter|leave|over|start){0,1}(.*?)=|ondrop{0,1}(.*?)=|onscroll{0,1}(.*?)", 42);
    static final Pattern fontfamilyPattern = Pattern.compile("\"*\\s*style\\s*=\\s*\"*(foo|color|font-family|background){1}(:|\\=){1}(e|\\\\[0]*65){1}(\\\\){0,1}(x|\\\\[0]*78){1}(\\\\){0,1}(p|\\\\[0]*70){1}(\\\\){0,1}(r|\\\\[0]*72){1}(\\\\){0,1}(e|\\\\[0]*65){1}(\\\\){0,1}(s|\\\\[0]*73){1}(\\\\){0,1}(s|\\\\[0]*73){1}(\\\\){0,1}(i|\\\\[0]*69){1}(\\\\){0,1}(o|\\\\[0]*6F){1}(\\\\){0,1}(n|\\\\[0]*6E){1}\\((.*?(\\+)*\\{(toString|valueOf){1}\\:alert\\}|alert\\(.*?\\))\\)(\\!){0,1}", 42);
    static List<Pattern> patternList;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String checkAndReplace(String str) {
        return otherScriptPattern.matcher(fontfamilyPattern.matcher(aTagPattern.matcher(iframeScriptPattern.matcher(alertScriptPattern.matcher(onmousScriptPattern.matcher(onloadScriptPattern.matcher(vbsScriptPattern.matcher(javascriptScriptPattern.matcher(xpressionScriptPattern.matcher(evalScriptPattern.matcher(singleScriptPattern2.matcher(singleScriptPattern.matcher(srcScriptPattern2.matcher(srcScriptPattern.matcher(scriptPattern.matcher(str).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("")).replaceAll("");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String checkXss(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        if (str == null || "".equals(str)) {
            return "";
        }
        if (patternList == null || patternList.size() == 0) {
            patternList = new ArrayList();
            patternList.add(srcScriptPattern);
            patternList.add(scriptPattern);
            patternList.add(srcScriptPattern);
            patternList.add(srcScriptPattern2);
            patternList.add(singleScriptPattern);
            patternList.add(singleScriptPattern2);
            patternList.add(evalScriptPattern);
            patternList.add(xpressionScriptPattern);
            patternList.add(javascriptScriptPattern);
            patternList.add(vbsScriptPattern);
            patternList.add(onloadScriptPattern);
            patternList.add(onmousScriptPattern);
            patternList.add(alertScriptPattern);
            patternList.add(iframeScriptPattern);
            patternList.add(aTagPattern);
            patternList.add(fontfamilyPattern);
            patternList.add(otherScriptPattern);
        }
        ArrayList<String> arrayList = new ArrayList();
        Iterator<Pattern> it = patternList.iterator();
        while (it.hasNext()) {
            Matcher matcher = it.next().matcher(str);
            while (matcher.find()) {
                arrayList.add(matcher.group());
            }
        }
        if (arrayList.size() <= 0) {
            return "";
        }
        for (String str2 : arrayList) {
            stringBuffer.append("\r");
            stringBuffer.append(str2);
        }
        return stringBuffer.toString();
    }
}
