package com.liferay.util;

import com.dotcms.repackage.org.apache.commons.lang.StringEscapeUtils;
import com.dotmarketing.util.RegEX;
import com.dotmarketing.util.UtilMethods;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/liferay/util/Xss.class */
public class Xss {
    public static final String XSS_REGEXP_PATTERN = GetterUtil.getString(SystemProperties.get(Xss.class.getName() + ".regexp.pattern"));
    private static Set<String> excludeList = null;

    public static String strip(String str) {
        if (str == null) {
            return null;
        }
        return RegEX.replace(str, StringPool.BLANK, XSS_REGEXP_PATTERN);
    }

    public static boolean ParamsHaveXSS(HttpServletRequest httpServletRequest) {
        return ParamsHaveXSS(httpServletRequest.getQueryString());
    }

    public static boolean ParamsHaveXSS(String str) {
        return RegEX.contains(UtilMethods.decodeURL(str), XSS_REGEXP_PATTERN);
    }

    public static boolean URIHasXSS(String str) {
        if (str == null) {
            return false;
        }
        return RegEX.contains(str, XSS_REGEXP_PATTERN);
    }

    public static boolean URLHasXSS(String str) {
        if (str == null) {
            return false;
        }
        return RegEX.contains(str, XSS_REGEXP_PATTERN);
    }

    public static String encodeForURL(String str) throws Exception {
        return str != null ? UtilMethods.encodeURL(str) : StringPool.BLANK;
    }

    public static String escapeHTMLAttrib(String str) {
        return str != null ? StringEscapeUtils.escapeHtml(str) : StringPool.BLANK;
    }

    public static String unEscapeHTMLAttrib(String str) {
        return str != null ? StringEscapeUtils.unescapeHtml(str) : StringPool.BLANK;
    }

    private static void buildExcludeList() {
        if (excludeList != null) {
            return;
        }
        excludeList = new HashSet();
        excludeList.add("&or");
        excludeList.add("&Or");
    }
}
