package cn.com.duiba.biz.tool.duiba.cros;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:cn/com/duiba/biz/tool/duiba/cros/CrossDomainUtils.class */
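/**
 * Static helper that answers cross-origin (CORS) requests for a fixed set of trusted domains.
 *
 * <p>The response echoes the caller-supplied origin back in {@code Access-Control-Allow-Origin}
 * and also sets {@code Access-Control-Allow-Credentials: true}, so the origin check in
 * {@link #isTrustedOrigin(String)} is the only thing that decides which sites may read
 * credentialed responses. That check must match on a host-label boundary: a bare suffix
 * comparison would also accept look-alike registrations that merely end in a trusted name.
 */
public class CrossDomainUtils {
    /** Domains whose own origin and sub-domain origins may receive credentialed CORS responses. */
    private static final String[] TRUSTED_DOMAINS = {"duiba.com.cn", "tuistone.com"};

    private CrossDomainUtils() {
        throw new IllegalStateException("Utility class");
    }

    /**
     * Adds CORS response headers when the request comes from a trusted origin.
     *
     * <p>The request's {@code Origin} header is checked first; if it is absent or not trusted,
     * {@code str} is checked as a fallback. When neither is trusted, no header is written.
     *
     * @param httpServletRequest request whose {@code Origin} header is inspected
     * @param httpServletResponse response that receives the CORS headers
     * @param str fallback origin or host, may be {@code null}; it goes through the same trust
     *     check as the header. NOTE(review): where callers obtain this value is not visible
     *     here - confirm it is not used to bypass a missing {@code Origin} header.
     */
    public static void crossDomain(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String origin = httpServletRequest.getHeader("Origin");
        String allowed;
        if (isTrustedOrigin(origin)) {
            allowed = origin;
        } else if (isTrustedOrigin(str)) {
            allowed = str;
        } else {
            return;
        }
        // UrlUtils.addScheme is defined elsewhere; presumably it prefixes a scheme when the value
        // has none - confirm it cannot rewrite the host that was just validated.
        httpServletResponse.setHeader(CookieDefine.ACCESS_CONTROL_ALLOW_ORIGIN, UrlUtils.addScheme(allowed, httpServletRequest));
        // The allowed origin varies per request, so shared caches must key on the Origin header.
        httpServletResponse.addHeader("Vary", "Origin");
        setCrosResponseHeader(httpServletResponse);
    }

    /**
     * Decides whether {@code value} names a trusted domain or one of its sub-domains.
     *
     * <p>Accepts {@code scheme://host}, {@code //host} or a bare {@code host}. Anything after the
     * scheme must consist only of letters, digits, {@code '-'} and {@code '.'}, which rejects
     * ports, paths, user-info and other trailing data. The host must then equal a trusted domain
     * or end with {@code "." + domain}. The comparison is case-sensitive.
     *
     * <p>NOTE(review): the scheme itself is not restricted, so a plain {@code http://} origin on
     * a trusted domain is accepted together with credentials - confirm that is intended.
     *
     * @param value origin or host to check, may be {@code null}
     * @return {@code true} only when the host part sits on a trusted domain boundary
     */
    private static boolean isTrustedOrigin(String value) {
        if (value == null) {
            return false;
        }
        String host = value;
        int schemeEnd = host.indexOf("://");
        if (schemeEnd >= 0) {
            host = host.substring(schemeEnd + 3);
        } else if (host.startsWith("//")) {
            host = host.substring(2);
        }
        if (host.isEmpty()) {
            return false;
        }
        for (int i = 0; i < host.length(); i++) {
            char c = host.charAt(i);
            boolean hostChar = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
                    || (c >= '0' && c <= '9') || c == '-' || c == '.';
            if (!hostChar) {
                return false;
            }
        }
        for (String domain : TRUSTED_DOMAINS) {
            // The leading dot is what separates a real sub-domain from a name that only
            // happens to end with the trusted string.
            if (host.equals(domain) || host.endsWith("." + domain)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Writes the fixed CORS headers that accompany an allowed origin: permitted methods,
     * preflight cache lifetime in seconds, permitted request header and the credentials flag.
     *
     * @param httpServletResponse response that receives the headers
     */
    private static void setCrosResponseHeader(HttpServletResponse httpServletResponse) {
        httpServletResponse.setHeader(CookieDefine.ACCESS_CONTROL_ALLOW_METHODS, "POST,GET");
        httpServletResponse.setHeader(CookieDefine.ACCESS_CONTROL_MAX_AGE, "3600");
        httpServletResponse.setHeader(CookieDefine.ACCESS_CONTROL_ALLOW_HEADERS, "x-requested-with");
        // Credentials are allowed, so the origin echoed by the caller must already be validated.
        httpServletResponse.setHeader(CookieDefine.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
    }
}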
