package com.bringspring.common.util;

import java.io.InputStream;
import java.util.regex.Pattern;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/bringspring/common/util/XSSEscape.class */
public class XSSEscape {
    private static final Logger log = LoggerFactory.getLogger(XSSEscape.class);
    private static final Pattern PATH_PATTERN = Pattern.compile("\\.\\.\\|\\.\\./|~/|~\\|[<]|>|\"|[*]|[|]|[?]", 2);
    private static InputStream inputStream;
    private static Policy policy;
    private static Policy emptyPolicy;

    public static String escape(String str) {
        try {
            return new AntiSamy().scan(str, policy).getCleanHTML().replaceAll("&quot;", "\"").replaceAll("&amp;", "&").replaceAll("&lt;", "<").replaceAll("&gt;", ">");
        } catch (Exception e) {
            log.error("转换错误：" + e.getMessage());
            return null;
        }
    }

    public static <T> T escapeObj(T t) {
        try {
            return (T) JsonUtil.getJsonToBean(escapeEmpty(t.toString()), (Class) t.getClass());
        } catch (Exception e) {
            return t;
        }
    }

    public static String escapeEmpty(String str) {
        try {
            return new AntiSamy().scan(str, emptyPolicy).getCleanHTML();
        } catch (Exception e) {
            return str;
        }
    }

    public static String escapePath(String str) {
        return escapeEmpty(PATH_PATTERN.matcher(str).replaceAll("").replaceAll("\\.\\.", "."));
    }

    static {
        try {
            inputStream = XSSEscape.class.getClassLoader().getResourceAsStream("antisamy-ebay.xml");
            policy = Policy.getInstance(inputStream);
            inputStream.close();
            inputStream = XSSEscape.class.getClassLoader().getResourceAsStream("antisamy-empty.xml");
            emptyPolicy = Policy.getInstance(inputStream);
            inputStream.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
