package org.springblade.core.xss.processor;

import java.nio.charset.StandardCharsets;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.nodes.Entities;
import org.springblade.core.xss.BladeXssProperties;
import org.springblade.core.xss.XssType;
import org.springblade.core.xss.XssUtil;
import org.springframework.util.StringUtils;
import org.springframework.web.util.HtmlUtils;

/* loaded from: input_file:org/springblade/core/xss/processor/DefaultXssCleaner.class */
public class DefaultXssCleaner implements XssCleaner {
    private final BladeXssProperties properties;

    public DefaultXssCleaner(BladeXssProperties bladeXssProperties) {
        this.properties = bladeXssProperties;
    }

    private static Document.OutputSettings getOutputSettings(BladeXssProperties bladeXssProperties) {
        return new Document.OutputSettings().escapeMode(Entities.EscapeMode.xhtml).prettyPrint(bladeXssProperties.isPrettyPrint());
    }

    @Override // org.springblade.core.xss.processor.XssCleaner
    public String clean(String str, String str2, XssType xssType) {
        if (!StringUtils.hasText(str2)) {
            return str2;
        }
        BladeXssProperties.Mode mode = this.properties.getMode();
        if (BladeXssProperties.Mode.ESCAPE == mode) {
            return HtmlUtils.htmlEscape(str2, StandardCharsets.UTF_8.name());
        }
        if (BladeXssProperties.Mode.VALIDATE != mode) {
            return XssUtil.clean(this.properties.isEnableEscape() ? Entities.escape(str2) : Entities.unescape(str2), getOutputSettings(this.properties));
        }
        if (Jsoup.isValid(str2, XssUtil.SAFE_LIST)) {
            return str2;
        }
        throw xssType.getXssException(str, str2, "Xss validate fail, input value:" + str2);
    }
}
