package org.alfresco.web.scripts;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.util.Iterator;
import java.util.Vector;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.htmlparser.Attribute;
import org.htmlparser.Node;
import org.htmlparser.Parser;
import org.htmlparser.PrototypicalNodeFactory;
import org.htmlparser.tags.DoctypeTag;
import org.htmlparser.util.NodeIterator;
import org.htmlparser.util.ParserException;
import org.springframework.extensions.surf.util.I18NUtil;
import org.springframework.extensions.webscripts.connector.HttpMethod;
import org.springframework.extensions.webscripts.connector.RemoteClient;
import org.springframework.extensions.webscripts.ui.common.StringUtils;
import org.springframework.http.MediaType;

/* loaded from: input_file:WEB-INF/classes/org/alfresco/web/scripts/SlingshotRemoteClient.class */
public class SlingshotRemoteClient extends RemoteClient {
    private static final Pattern CONTENT_PATTERN_TO_CHECK = Pattern.compile(".*/(api|slingshot)/(node|path)/(content.*/)?workspace/SpacesStore/.+");
    private static final Pattern CONTENT_PATTERN_TO_WHITE_LIST = Pattern.compile(".*/api/node/workspace/SpacesStore/[a-z0-9-]+/content/thumbnails/webpreview");
    private static final Pattern SLINGSHOT_WIKI_PAGE_PATTERN = Pattern.compile(".*/slingshot/wiki/page/.*");
    private static final Pattern SLINGSHOT_WIKI_VERSION_PATTERN = Pattern.compile(".*/slingshot/wiki/version/.*");
    private boolean swfEnabled = false;

    public void setSwfEnabled(boolean z) {
        this.swfEnabled = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.extensions.webscripts.connector.RemoteClient
    public void copyResponseStreamOutput(URL url, HttpServletResponse httpServletResponse, OutputStream outputStream, HttpResponse httpResponse, String str, int i) throws IOException {
        Header firstHeader;
        InputStream content;
        boolean z = false;
        if (httpServletResponse != null && getRequestMethod() == HttpMethod.GET && httpResponse.getStatusLine().getStatusCode() >= 200 && httpResponse.getStatusLine().getStatusCode() < 300 && (((firstHeader = httpResponse.getFirstHeader("Content-Disposition")) == null || !firstHeader.getValue().startsWith("attachment")) && str != null && ((CONTENT_PATTERN_TO_CHECK.matcher(url.getPath()).matches() && !CONTENT_PATTERN_TO_WHITE_LIST.matcher(url.getPath()).matches()) || SLINGSHOT_WIKI_PAGE_PATTERN.matcher(url.getPath()).matches() || SLINGSHOT_WIKI_VERSION_PATTERN.matcher(url.getPath()).matches()))) {
            String str2 = str;
            String str3 = null;
            int indexOf = str.indexOf("charset=");
            if (indexOf != -1) {
                str2 = str.substring(0, indexOf - 1).toLowerCase();
                str3 = str.substring(indexOf + "charset=".length());
            }
            if (str2.contains("text/html") || str2.contains(MediaType.APPLICATION_XHTML_XML_VALUE) || str2.contains(MediaType.TEXT_XML_VALUE)) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(i);
                if (httpResponse.getEntity() != null && (content = httpResponse.getEntity().getContent()) != null) {
                    try {
                        byte[] bArr = new byte[i];
                        for (int read = content.read(bArr); read != -1; read = content.read(bArr)) {
                            for (int i2 = 0; i2 < read; i2++) {
                                if (bArr[i2] == 0) {
                                    httpServletResponse.setContentLength(0);
                                    outputStream.close();
                                    content.close();
                                    return;
                                }
                            }
                            byteArrayOutputStream.write(bArr, 0, read);
                        }
                        String str4 = str3 != null ? new String(byteArrayOutputStream.toByteArray(), str3) : new String(byteArrayOutputStream.toByteArray());
                        if (str2.contains("text/html") || str2.contains(MediaType.APPLICATION_XHTML_XML_VALUE)) {
                            str4 = StringUtils.stripUnsafeHTMLDocument(str4, false);
                        } else if (str2.contains(MediaType.TEXT_XML_VALUE)) {
                            httpServletResponse.setContentType("text/plain");
                        } else if (str2.contains("text/x-component")) {
                            httpServletResponse.setContentType("text/plain");
                        }
                        try {
                            byte[] bytes = str3 != null ? str4.getBytes(str3) : str4.getBytes();
                            httpServletResponse.setContentLength(bytes.length);
                            outputStream.write(bytes);
                            outputStream.close();
                        } finally {
                        }
                    } finally {
                        content.close();
                    }
                }
                z = true;
            } else if ((str2.contains("application/x-shockwave-flash") || str2.contains("image/svg+xml")) && !this.swfEnabled) {
                String message = I18NUtil.getMessage("security.insecuremimetype");
                try {
                    byte[] bytes2 = str3 != null ? message.getBytes(str3) : message.getBytes();
                    httpServletResponse.setContentType("text/plain");
                    httpServletResponse.setContentLength(bytes2.length);
                    outputStream.write(bytes2);
                    outputStream.close();
                    z = true;
                } finally {
                }
            }
        }
        if (z) {
            return;
        }
        super.copyResponseStreamOutput(url, httpServletResponse, outputStream, httpResponse, str, i);
    }

    protected boolean hasDocType(String str, String str2, boolean z) {
        Vector attributesEx;
        try {
            Parser createParser = Parser.createParser(str, "UTF-8");
            createParser.setNodeFactory(new PrototypicalNodeFactory());
            NodeIterator elements = createParser.elements();
            while (elements.hasMoreNodes()) {
                Node nextNode = elements.nextNode();
                if ((nextNode instanceof DoctypeTag) && (attributesEx = ((DoctypeTag) nextNode).getAttributesEx()) != null && attributesEx.size() > 1) {
                    Iterator it = attributesEx.iterator();
                    while (it.hasNext()) {
                        String name = ((Attribute) it.next()).getName();
                        if (name != null && name.equalsIgnoreCase(str2)) {
                            return true;
                        }
                    }
                }
            }
            return false;
        } catch (ParserException e) {
            return false;
        }
    }
}
