package org.owasp.stinger;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.stinger.http.MutableHttpRequest;
import org.owasp.stinger.rules.RuleSet;

/* loaded from: input_file:org/owasp/stinger/StingerFilter.class */
public class StingerFilter implements Filter {
    private Stinger stinger = null;
    private String config = null;
    private boolean reload = false;
    private RuleSet ruleSet = null;
    private String errorPage = null;

    public void init(FilterConfig filterConfig) {
        this.config = filterConfig.getInitParameter("config");
        this.ruleSet = new RuleSet(this.config);
        this.errorPage = filterConfig.getInitParameter("error-page");
        this.reload = Boolean.valueOf(filterConfig.getInitParameter("reload")).booleanValue();
        this.stinger = Stinger.getInstance(this.ruleSet);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            MutableHttpRequest mutableHttpRequest = new MutableHttpRequest((HttpServletRequest) servletRequest);
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            if (this.reload) {
                initRuleSet();
            }
            try {
                if (!this.ruleSet.isExcluded(mutableHttpRequest.getRequestURI())) {
                    this.stinger.validate(mutableHttpRequest, httpServletResponse);
                }
                filterChain.doFilter(mutableHttpRequest, httpServletResponse);
            } catch (BreakChainException e) {
                e.printStackTrace();
            } catch (Exception e2) {
                e2.printStackTrace();
                try {
                    httpServletResponse.sendRedirect(this.errorPage);
                } catch (IOException e3) {
                    e3.printStackTrace();
                }
            }
        }
    }

    public void destroy() {
    }

    private synchronized void initRuleSet() {
        this.ruleSet = new RuleSet(this.config);
        Stinger.setRuleSet(this.ruleSet);
    }
}
