package org.apache.sling.xss.impl;

import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import javax.servlet.Servlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.batik.util.CSSConstants;
import org.apache.batik.util.SVGConstants;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.sling.xss.XSSFilter;
import org.apache.sling.xss.impl.XSSFilterImpl;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {Servlet.class}, property = {"felix.webconsole.label=xssprotection", "felix.webconsole.title=XSS Protection", "felix.webconsole.category=Sling"})
/* loaded from: input_file:resources/install/0/org.apache.sling.xss-2.1.10.jar:org/apache/sling/xss/impl/XSSProtectionAPIWebConsolePlugin.class */
public class XSSProtectionAPIWebConsolePlugin extends HttpServlet {
    static final String REG_PROP_LABEL = "felix.webconsole.label";
    static final String REG_PROP_TITLE = "felix.webconsole.title";
    static final String REG_PROP_CATEGORY = "felix.webconsole.category";
    static final String LABEL = "xssprotection";
    static final String TITLE = "XSS Protection";
    private static final String RES_LOC = "xssprotection/res/ui";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) XSSProtectionAPIWebConsolePlugin.class);

    @Reference(target = "(component.name=org.apache.sling.xss.impl.XSSFilterImpl)")
    private XSSFilter xssFilter;

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        XSSFilterImpl.AntiSamyPolicy activePolicy;
        InputStream read;
        Throwable th;
        if (httpServletRequest.getRequestURI().endsWith("xssprotection/res/ui/prettify.css")) {
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("/res/ui/prettify.css");
            Throwable th2 = null;
            try {
                if (resourceAsStream != null) {
                    httpServletResponse.setContentType(CSSConstants.CSS_MIME_TYPE);
                    IOUtils.copy(resourceAsStream, httpServletResponse.getOutputStream());
                }
                if (resourceAsStream != null) {
                    if (0 == 0) {
                        resourceAsStream.close();
                        return;
                    }
                    try {
                        resourceAsStream.close();
                        return;
                    } catch (Throwable th3) {
                        th2.addSuppressed(th3);
                        return;
                    }
                }
                return;
            } catch (Throwable th4) {
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                throw th4;
            }
        }
        if (httpServletRequest.getRequestURI().endsWith("xssprotection/res/ui/prettify.js")) {
            InputStream resourceAsStream2 = getClass().getClassLoader().getResourceAsStream("/res/ui/prettify.js");
            Throwable th6 = null;
            if (resourceAsStream2 != null) {
                try {
                    try {
                        httpServletResponse.setContentType(SVGConstants.SVG_SCRIPT_TYPE_APPLICATION_JAVASCRIPT);
                        IOUtils.copy(resourceAsStream2, httpServletResponse.getOutputStream());
                    } catch (Throwable th7) {
                        th6 = th7;
                        throw th7;
                    }
                } catch (Throwable th8) {
                    if (resourceAsStream2 != null) {
                        if (th6 != null) {
                            try {
                                resourceAsStream2.close();
                            } catch (Throwable th9) {
                                th6.addSuppressed(th9);
                            }
                        } else {
                            resourceAsStream2.close();
                        }
                    }
                    throw th8;
                }
            }
            if (resourceAsStream2 != null) {
                if (0 == 0) {
                    resourceAsStream2.close();
                    return;
                }
                try {
                    resourceAsStream2.close();
                    return;
                } catch (Throwable th10) {
                    th6.addSuppressed(th10);
                    return;
                }
            }
            return;
        }
        if (this.xssFilter == null || (activePolicy = ((XSSFilterImpl) this.xssFilter).getActivePolicy()) == null) {
            return;
        }
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write("<link rel=\"stylesheet\" type=\"text/css\" href=\"xssprotection/res/ui/prettify.css\"></link>");
        writer.write("<script type=\"text/javascript\" src=\"xssprotection/res/ui/prettify.js\"></script>");
        writer.write("<script type=\"text/javascript\" src=\"xssprotection/res/ui/fsclassloader.js\"></script>");
        writer.write("<script>$(document).ready(prettyPrint);</script>");
        writer.write("<style>.prettyprint ol.linenums > li { list-style-type: decimal; } pre.prettyprint { white-space: pre-wrap; }</style>");
        writer.write("<p class=\"statline ui-state-highlight\">The current AntiSamy configuration ");
        if (activePolicy.isEmbedded()) {
            writer.write("is the default one embedded in the org.apache.sling.xss bundle.");
        } else {
            writer.write("is loaded from ");
            writer.write(activePolicy.getPath());
            writer.write(".");
        }
        writer.write("</p>");
        String str = "";
        try {
            read = activePolicy.read();
            th = null;
        } catch (Throwable th11) {
            LOGGER.error("Unable to read policy file.", th11);
        }
        try {
            try {
                str = IOUtils.toString(read, StandardCharsets.UTF_8);
                if (read != null) {
                    if (0 != 0) {
                        try {
                            read.close();
                        } catch (Throwable th12) {
                            th.addSuppressed(th12);
                        }
                    } else {
                        read.close();
                    }
                }
                writer.write("<pre class=\"prettyprint linenums\">");
                writer.write(StringEscapeUtils.escapeHtml4(str));
                writer.write("</pre>");
            } catch (Throwable th13) {
                th = th13;
                throw th13;
            }
        } finally {
        }
    }
}
