package cn.com.duibaboot.ext.autoconfigure.security.dpefensivepolicy;

import cn.com.duibaboot.ext.autoconfigure.cloud.netflix.feign.CustomRequestInterceptor;
import cn.com.duibaboot.ext.autoconfigure.core.utils.HttpRequestUtils;
import cn.com.duibaboot.ext.autoconfigure.security.DefensivePolicy;
import cn.com.duibaboot.ext.autoconfigure.security.exception.DuibaSecurityException;
import cn.com.duibaboot.ext.autoconfigure.web.wrapper.XssHttpServletRequestWrapper;
import com.google.common.collect.Sets;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;

/* loaded from: input_file:cn/com/duibaboot/ext/autoconfigure/security/dpefensivepolicy/XssDefensivePolicy.class */
public class XssDefensivePolicy implements DefensivePolicy {
    @Override // cn.com.duibaboot.ext.autoconfigure.security.DefensivePolicy
    public Set<MediaType> getMediaTypes() {
        return Sets.newHashSet(new MediaType[]{MediaType.ALL});
    }

    @Override // cn.com.duibaboot.ext.autoconfigure.security.DefensivePolicy
    public HttpServletRequest preprocessorRequest(HttpServletRequest httpServletRequest) {
        return isFeignRequest(httpServletRequest) ? httpServletRequest : new XssHttpServletRequestWrapper(httpServletRequest);
    }

    @Override // cn.com.duibaboot.ext.autoconfigure.security.DefensivePolicy
    public void doDefensive(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DuibaSecurityException {
    }

    protected boolean isFeignRequest(HttpServletRequest httpServletRequest) {
        return "true".equals(httpServletRequest.getHeader(CustomRequestInterceptor.X_RPC)) && HttpRequestUtils.isLanRequest(httpServletRequest);
    }
}
