package org.owasp.esapi.filters;

import com.j256.ormlite.stmt.query.SimpleComparison;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.StringUtilities;
import org.owasp.esapi.errors.ValidationException;

/* loaded from: classes.dex */
public class SafeResponse extends HttpServletResponseWrapper {
    private static final Class CLASS;
    private static final boolean IS_SERVLET_23;
    static Class class$0;
    static Class class$1;
    static Class class$2;
    private static final Logger logger;
    private static final Method setCharacterEncodingMeth;
    private boolean getWriterCalled;
    private HttpServletResponse response;

    static {
        Method method;
        boolean z;
        Class<?> cls;
        Class<?> cls2 = class$0;
        if (cls2 == null) {
            try {
                cls2 = Class.forName("org.owasp.esapi.filters.SafeResponse");
                class$0 = cls2;
            } catch (ClassNotFoundException e) {
                throw new NoClassDefFoundError(e.getMessage());
            }
        }
        CLASS = cls2;
        logger = ESAPI.getLogger("SafeResponse");
        try {
            Class<?> cls3 = class$1;
            if (cls3 == null) {
                try {
                    Class<?> cls4 = Class.forName("javax.servlet.http.HttpServletResponse");
                    class$1 = cls4;
                    cls = cls4;
                } catch (ClassNotFoundException e2) {
                    throw new NoClassDefFoundError(e2.getMessage());
                }
            } else {
                cls = cls3;
            }
            Class<?>[] clsArr = new Class[1];
            Class<?> cls5 = class$2;
            if (cls5 == null) {
                try {
                    cls5 = Class.forName("java.lang.String");
                    class$2 = cls5;
                } catch (ClassNotFoundException e3) {
                    throw new NoClassDefFoundError(e3.getMessage());
                }
            }
            clsArr[0] = cls5;
            method = cls.getMethod("setCharacterEncoding", clsArr);
            z = false;
        } catch (NoSuchMethodException e4) {
            method = null;
            z = true;
        }
        setCharacterEncodingMeth = method;
        IS_SERVLET_23 = z;
    }

    public SafeResponse(HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
        this.getWriterCalled = false;
        this.response = httpServletResponse;
    }

    private String getHTTPMessage(int i) {
        return new StringBuffer("HTTP error code: ").append(i).toString();
    }

    static boolean isServlet23() {
        return IS_SERVLET_23;
    }

    public void addCookie(String str, String str2, int i, String str3, String str4) {
        try {
            String validInput = ESAPI.validator().getValidInput("safeAddCookie", str, "HTTPCookieName", 50, false);
            String stringBuffer = new StringBuffer(String.valueOf(validInput)).append(SimpleComparison.EQUAL_TO_OPERATION).append(ESAPI.validator().getValidInput("safeAddCookie", str2, "HTTPCookieValue", 5000, false)).toString();
            if (i != -1) {
                stringBuffer = new StringBuffer(String.valueOf(stringBuffer)).append("; Max-Age=").append(i).toString();
            }
            if (str3 != null) {
                stringBuffer = new StringBuffer(String.valueOf(stringBuffer)).append("; Domain=").append(str3).toString();
            }
            if (str4 != null) {
                stringBuffer = new StringBuffer(String.valueOf(stringBuffer)).append("; Path=").append(str4).toString();
            }
            this.response.addHeader("Set-Cookie", new StringBuffer(String.valueOf(stringBuffer)).append("; Secure; HttpOnly").toString());
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid cookie denied", e);
        }
    }

    public void addCookie(Cookie cookie) {
        addCookie(cookie.getName(), cookie.getValue(), cookie.getMaxAge(), cookie.getDomain(), cookie.getPath());
    }

    public void addDateHeader(String str, long j) {
        try {
            this.response.addDateHeader(ESAPI.validator().getValidInput("safeSetDateHeader", str, "HTTPHeaderName", 20, false), j);
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid date header name denied", e);
        }
    }

    public void addHeader(String str, String str2) {
        try {
            String stripControls = StringUtilities.stripControls(str);
            String stripControls2 = StringUtilities.stripControls(str2);
            this.response.setHeader(ESAPI.validator().getValidInput("addHeader", stripControls, "HTTPHeaderName", 20, false), ESAPI.validator().getValidInput("addHeader", stripControls2, "HTTPHeaderValue", 500, false));
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to add invalid header denied", e);
        }
    }

    public void addIntHeader(String str, int i) {
        try {
            this.response.addIntHeader(ESAPI.validator().getValidInput("safeSetDateHeader", str, "HTTPHeaderName", 20, false), i);
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid int header name denied", e);
        }
    }

    public String encodeRedirectURL(String str) {
        return str;
    }

    public String encodeRedirectUrl(String str) {
        return str;
    }

    public String encodeURL(String str) {
        return str;
    }

    public String encodeUrl(String str) {
        return str;
    }

    public PrintWriter getWriter() throws IOException {
        this.getWriterCalled = true;
        return this.response.getWriter();
    }

    public void sendError(int i) throws IOException {
        this.response.sendError(Logger.DEBUG, getHTTPMessage(i));
    }

    public void sendError(int i, String str) throws IOException {
        this.response.sendError(Logger.DEBUG, ESAPI.encoder().encodeForHTML(str));
    }

    public void sendRedirect(String str) throws IOException {
        if (ESAPI.validator().isValidRedirectLocation("Redirect", str, false)) {
            this.response.sendRedirect(str);
        } else {
            logger.fatal(Logger.SECURITY, false, new StringBuffer("Bad redirect location: ").append(str).toString());
            throw new IOException("Redirect failed");
        }
    }

    public void setCharacterEncoding(String str) {
        String characterEncoding = ESAPI.securityConfiguration().getCharacterEncoding();
        if (IS_SERVLET_23) {
            setCharacterEncoding23(characterEncoding);
        } else {
            setCharacterEncoding24Plus(characterEncoding);
        }
    }

    void setCharacterEncoding23(String str) {
        throw new UnsupportedOperationException("The Servlet 2.3 spec does not provide javax.servlet.ServletResponse#setCharacterEncoding(String)");
    }

    void setCharacterEncoding24Plus(String str) {
        if (this.getWriterCalled || isCommitted()) {
            return;
        }
        try {
            setCharacterEncodingMeth.invoke(this.response, str);
        } catch (IllegalAccessException e) {
            IllegalStateException illegalStateException = new IllegalStateException("IllegalAccessException calling public HttpServletRequest#setCharacterEncoding(String).");
            illegalStateException.initCause(e);
            throw illegalStateException;
        } catch (InvocationTargetException e2) {
            Throwable cause = e2.getCause();
            IllegalStateException illegalStateException2 = new IllegalStateException(new StringBuffer("Checked exception ").append(cause.getClass().getName()).append(" thrown calling HttpServletRequest#setCharacterEncoding(String) which does not throw a checked exception.").toString());
            illegalStateException2.initCause(cause);
            throw illegalStateException2;
        }
    }

    public void setDateHeader(String str, long j) {
        try {
            this.response.setDateHeader(ESAPI.validator().getValidInput("safeSetDateHeader", str, "HTTPHeaderName", 20, false), j);
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid date header name denied", e);
        }
    }

    public void setHeader(String str, String str2) {
        try {
            String stripControls = StringUtilities.stripControls(str);
            String stripControls2 = StringUtilities.stripControls(str2);
            this.response.setHeader(ESAPI.validator().getValidInput("setHeader", stripControls, "HTTPHeaderName", 20, false), ESAPI.validator().getValidInput("setHeader", stripControls2, "HTTPHeaderValue", 500, false));
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid header denied", e);
        }
    }

    public void setIntHeader(String str, int i) {
        try {
            this.response.setIntHeader(ESAPI.validator().getValidInput("safeSetIntHeader", str, "HTTPHeaderName", 20, false), i);
        } catch (ValidationException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set invalid int header name denied", e);
        }
    }

    public void setStatus(int i) {
        this.response.setStatus(Logger.DEBUG);
    }

    public void setStatus(int i, String str) {
        try {
            sendError(Logger.DEBUG, str);
        } catch (IOException e) {
            logger.warning(Logger.SECURITY, false, "Attempt to set response status failed", e);
        }
    }
}
