package org.owasp.esapi.waf.rules;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.Logger;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* loaded from: input_file:extensions/37C61C0A-5D7E-4256-8572639BE0CF5838-2.2.4.7.lex:jars/org.lucee.esapi-2.2.3.10002L.jar:org/owasp/esapi/waf/rules/ReplaceContentRule.class */
public class ReplaceContentRule extends Rule {
    private Pattern pattern;
    private String replacement;
    private Pattern contentType;
    private Pattern path;

    public ReplaceContentRule(String str, Pattern pattern, String str2, Pattern pattern2, Pattern pattern3) {
        this.pattern = pattern;
        this.replacement = str2;
        this.path = pattern3;
        this.contentType = pattern2;
        setId(str);
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        String requestURI = httpServletRequest.getRequestURI();
        if (this.path != null && !this.path.matcher(requestURI).matches()) {
            return new DoNothingAction();
        }
        if (this.contentType != null && interceptingHTTPServletResponse.getContentType() != null && !this.contentType.matcher(interceptingHTTPServletResponse.getContentType()).matches()) {
            return new DoNothingAction();
        }
        try {
            try {
                String str = new String(interceptingHTTPServletResponse.getInterceptingServletOutputStream().getResponseBytes(), interceptingHTTPServletResponse.getCharacterEncoding());
                String replaceAll = this.pattern.matcher(str).replaceAll(this.replacement);
                try {
                    if (!str.equals(replaceAll)) {
                        interceptingHTTPServletResponse.getInterceptingServletOutputStream().setResponseBytes(replaceAll.getBytes(interceptingHTTPServletResponse.getCharacterEncoding()));
                        logger.debug(Logger.SECURITY_SUCCESS, "Successfully replaced pattern '" + this.pattern.pattern() + "' on response to URL '" + ((Object) httpServletRequest.getRequestURL()) + "'");
                    }
                } catch (IOException e) {
                    logger.error(Logger.SECURITY_FAILURE, "Failed to replace pattern '" + this.pattern.pattern() + "' on response to URL '" + ((Object) httpServletRequest.getRequestURL()) + "' due to [" + e.getMessage() + "]");
                }
            } catch (UnsupportedEncodingException e2) {
                logger.error(Logger.SECURITY_FAILURE, "Failed to replace pattern '" + this.pattern.pattern() + "' on response to URL '" + ((Object) httpServletRequest.getRequestURL()) + "' due to [" + e2.getMessage() + "]");
            }
            return new DoNothingAction();
        } catch (IOException e3) {
            log(httpServletRequest, "Error matching pattern '" + this.pattern.pattern() + "', IOException encountered (possibly too large?): " + e3.getMessage() + " (in response to URL: '" + ((Object) httpServletRequest.getRequestURL()) + "')");
            return new DoNothingAction();
        }
    }
}
