package com.bokesoft.scm.cloud.yigo.frontend.utils;

import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/bokesoft/scm/cloud/yigo/frontend/utils/ProcessXSSUtil.class */
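/**
 * Denylist-based scrubber for request strings: deletes text matching a fixed set of
 * script/markup patterns, then HTML-escapes any remaining angle brackets.
 *
 * <p>NOTE(review): this is a removal filter, not an output encoder. The final step escapes
 * only {@code <} and {@code >}; {@code &}, {@code "} and {@code '} pass through unchanged.
 * The result is therefore only suitable for HTML element content. Values written into
 * attributes, script blocks, CSS or URLs still need context-specific encoding where they are
 * rendered. Treat this class as defence in depth, not as the sole XSS control.
 */
public class ProcessXSSUtil {
    private static final String EMPTY = "";

    /** Flag value 2 in the decompiled listing. */
    private static final int IGNORE_CASE = Pattern.CASE_INSENSITIVE;

    /** Flag value 42 in the decompiled listing: 2 | 8 | 32. */
    private static final int IGNORE_CASE_MULTILINE_DOTALL =
            Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL;

    /**
     * Filters applied in list order; every match is deleted.
     *
     * <p>NOTE(review): the first pattern is compiled without DOTALL, so it only removes a
     * script/noscript element as a unit when it sits on one line. In the handler list,
     * several names are misspelled and {@code onerror=} carries its own {@code =} ahead of
     * the trailing {@code \s*=+}. Those alternatives therefore do not match the attribute
     * names they appear to be meant for. The list is also a fixed enumeration, so handlers
     * not named here are not covered by this pattern.
     */
    private static final List<Pattern> FILTER_PATTERNS = Collections.unmodifiableList(Arrays.asList(
            // <script>...</script> and <noscript>...</noscript> elements
            Pattern.compile("<(no)?script[^>]*>.*?</(no)?script>", IGNORE_CASE),
            // eval(...) calls
            Pattern.compile("eval\\((.*?)\\)", IGNORE_CASE_MULTILINE_DOTALL),
            // CSS expression(...) calls
            Pattern.compile("expression\\((.*?)\\)", IGNORE_CASE_MULTILINE_DOTALL),
            // script-capable URL scheme prefixes
            Pattern.compile("(javascript:|vbscript:|view-source:)*", IGNORE_CASE),
            // any complete <...> tag, allowing quoted attribute values that contain '>'
            Pattern.compile("<(\"[^\"]*\"|'[^']*'|[^'\">])*>", IGNORE_CASE_MULTILINE_DOTALL),
            // common DOM access and dialog/navigation calls
            Pattern.compile("(window\\.location|window\\.|\\.location|document\\.cookie|document\\.|alert\\(.*?\\)|window\\.open\\()*", IGNORE_CASE_MULTILINE_DOTALL),
            // an unclosed '<' followed by an inline event-handler attribute
            Pattern.compile("<+\\s*\\w*\\s*(oncontrolselect|oncopy|oncut|ondataavailable|ondatasetchanged|ondatasetcomplete|ondblclick|ondeactivate|ondrag|ondragend|ondragenter|ondragleave|ondragover|ondragstart|ondrop|onerror=|onerroupdate|onfilterchange|onfinish|onfocus|onfocusin|onfocusout|onhelp|onkeydown|onkeypress|onkeyup|onlayoutcomplete|onload|onlosecapture|onmousedown|onmouseenter|onmouseleave|onmousemove|onmousout|onmouseover|onmouseup|onmousewheel|onmove|onmoveend|onmovestart|onabort|onactivate|onafterprint|onafterupdate|onbefore|onbeforeactivate|onbeforecopy|onbeforecut|onbeforedeactivate|onbeforeeditocus|onbeforepaste|onbeforeprint|onbeforeunload|onbeforeupdate|onblur|onbounce|oncellchange|onchange|onclick|oncontextmenu|onpaste|onpropertychange|onreadystatechange|onreset|onresize|onresizend|onresizestart|onrowenter|onrowexit|onrowsdelete|onrowsinserted|onscroll|onselect|onselectionchange|onselectstart|onstart|onstop|onsubmit|onunload)+\\s*=+", IGNORE_CASE_MULTILINE_DOTALL)));

    /**
     * Removes every denylisted construct from {@code str} and escapes remaining
     * {@code <} / {@code >} as {@code &lt;} / {@code &gt;}.
     *
     * <p>The filter list is re-applied until a full pass leaves the string unchanged. A
     * single ordered pass is not enough: when a later filter deletes markup, the text on
     * either side is joined, and the joined text can be something an earlier filter in the
     * same pass had already passed over. Each pass only deletes characters, so the loop
     * always terminates.
     *
     * <p>NOTE(review): the number of passes grows with how deeply such fragments are nested,
     * so callers should bound the input length before calling this on untrusted data.
     *
     * @param str the value to scrub; may be {@code null}
     * @return {@code null} or the empty string unchanged, otherwise the scrubbed value
     */
    public static String stripXss(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        String previous;
        do {
            previous = str;
            for (Pattern pattern : FILTER_PATTERNS) {
                // replaceAll leaves the input untouched when nothing matches, so no find() pre-check is needed
                str = pattern.matcher(str).replaceAll(EMPTY);
            }
        } while (!str.equals(previous));
        // Literal replacement; brackets that survived the filters (e.g. an unpaired '<') are neutralised here.
        return str.replace("<", "&lt;").replace(">", "&gt;");
    }
}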
