package org.eclnt.jsfserver.starter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.eclnt.jsfserver.managedbean.HotDeployManager;
import org.eclnt.jsfserver.session.SessionInfo;
import org.eclnt.jsfserver.util.CCServletBase;
import org.eclnt.jsfserver.util.ServletUtil;
import org.eclnt.jsfserver.util.SystemXml;
import org.eclnt.jsfserver.util.ThreadingFilter;
import org.eclnt.jsfserver.util.VersionXml;
import org.eclnt.jsfserver.util.WebResourceClassloaderReader;
import org.eclnt.util.file.ClassloaderReader;
import org.eclnt.util.log.CLog;
import org.eclnt.util.valuemgmt.ValueManager;
import org.owasp.esapi.ESAPI;

/* loaded from: input_file:org/eclnt/jsfserver/starter/RISCStarter.class */
public class RISCStarter extends CCServletBase {
    static IVersionStamp s_versionStamp = null;

    /* loaded from: input_file:org/eclnt/jsfserver/starter/RISCStarter$SecurityException.class */
    public class SecurityException extends Exception {
        public SecurityException(String str) {
            super(str);
        }
    }

    public static void initialize(ServletContext servletContext) {
        try {
            String versionstampclassname = SystemXml.getRiscStarter().getVersionstampclassname();
            if (versionstampclassname != null) {
                s_versionStamp = (IVersionStamp) Class.forName(versionstampclassname, true, HotDeployManager.currentClassLoader()).newInstance();
            }
        } catch (Throwable th) {
            CLog.L.log(CLog.LL_ERR, "Problem creating instance of IVersionStamp", th);
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if ("GET".equals(httpServletRequest.getMethod())) {
            ServletUtil.ensureServletGetIsAllowed(getClass());
        }
        CLog.L.log(CLog.LL_INF, "RISC request is started");
        String requestURI = httpServletRequest.getRequestURI();
        boolean z = false;
        int indexOf = requestURI.indexOf(";jsessionid=");
        if (indexOf >= 0) {
            requestURI = requestURI.substring(0, indexOf);
            z = true;
        }
        String findPageNameInURI = findPageNameInURI(requestURI);
        if (!findPageNameInURI.contains("zz_cceditoraround.jsp")) {
            findPageNameInURI = "eclntjsfserver/includes/ccaround.jsp?ccaroundoutestpage=/" + findPageNameInURI;
        }
        HttpSession session = httpServletRequest.getSession();
        CLog.L.log(CLog.LL_INF, "The http session id is: " + session.getId());
        if (!SystemXml.getSessionMgmtViaCookie()) {
            if (((String) session.getAttribute(getClass().getName() + "_touched")) == null) {
                CLog.L.log(CLog.LL_INF, "Session was not used so far - now mark as touched!");
                session.setAttribute(getClass().getName() + "_touched", "touched");
            } else if (!z) {
                CLog.L.log(CLog.LL_INF, "Session was already used - invalidated!");
                session.invalidate();
            }
        }
        manageHeaderParametersIframeEmbedding(httpServletRequest, httpServletResponse);
        String encodeForJavaScript = ESAPI.encoder().encodeForJavaScript(httpServletRequest.getParameter(ThreadingFilter.SESSION_ATTRIBUTE_STYLE));
        String encodeIntoValidXMLString = ValueManager.encodeIntoValidXMLString(httpServletRequest.getParameter("cctitle"));
        String encodeIntoValidXMLString2 = ValueManager.encodeIntoValidXMLString(httpServletRequest.getParameter("ccpageicon"));
        String encodeForJavaScript2 = ESAPI.encoder().encodeForJavaScript(httpServletRequest.getParameter("ccexttitles"));
        String encodeForJavaScript3 = ESAPI.encoder().encodeForJavaScript(httpServletRequest.getParameter("ccscale"));
        String encodeForJavaScript4 = ESAPI.encoder().encodeForJavaScript(httpServletRequest.getParameter("ccdw"));
        resetBuffers(httpServletRequest);
        String str = encodeForJavaScript;
        if (str == null) {
            str = SessionInfo.getSessionDefaultStyleForRISCClient();
        }
        String title = SystemXml.getRiscStarter().getTitle();
        if (encodeIntoValidXMLString != null) {
            title = encodeIntoValidXMLString;
        }
        String str2 = "true".equals(encodeForJavaScript2) ? "true" : "false";
        String pageicon = SystemXml.getRiscStarter().getPageicon();
        if (encodeIntoValidXMLString2 != null) {
            pageicon = encodeIntoValidXMLString2;
        }
        String str3 = findePageFolderPrefix() + findPageNameInURI;
        String buildIncludeList = buildIncludeList(ESAPI.encoder().encodeForJavaScript(str));
        String str4 = encodeForJavaScript3;
        if ((str4 == null || ValueManager.decodeFloat(str4, 0.0f) == 0.0f) && !"auto".equals(str4)) {
            str4 = "1";
        }
        String str5 = encodeForJavaScript4 != null ? encodeForJavaScript4 : "800";
        httpServletResponse.setContentType("text/html");
        String readUTF8File = new ClassloaderReader(HotDeployManager.currentClassLoader()).readUTF8File(SystemXml.getStarttemplateCcRisc(), true);
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null && queryString.indexOf("ccstyle=") < 0) {
            queryString = queryString + "&ccstyle=" + str;
        } else if (queryString == null) {
            queryString = "ccstyle=" + str;
        }
        String str6 = !str3.contains("?") ? str3 + "?" + queryString : str3 + "&" + queryString;
        if (!SystemXml.getSessionMgmtViaCookie()) {
            str6 = httpServletResponse.encodeRedirectURL(str6);
        }
        try {
            String replace = readUTF8File.replace("@@pagename@@", ESAPI.encoder().encodeForURL(str6)).replace("@@eclntIncludes@@", buildIncludeList).replace("@@ccmetaaddons@@", buildMetaAddons()).replace("@@cclinkaddons@@", buildLinkAddons()).replace("@@ccfontaccess@@", "").replace("@@devicewidth@@", ESAPI.encoder().encodeForHTMLAttribute(str5)).replace("@@scale@@", ESAPI.encoder().encodeForHTMLAttribute(str4)).replace("@@cctitle@@", ESAPI.encoder().encodeForHTMLAttribute(title)).replace("@@pageicon@@", ESAPI.encoder().encodeForHTMLAttribute(pageicon)).replace("@@switchExtendedTitlesOn@@", ESAPI.encoder().encodeForHTMLAttribute(str2)).replace("@versionStamp@", buildVersionStamp()).replace("@@styleName@@", ESAPI.encoder().encodeForHTMLAttribute(str));
            CLog.L.log(CLog.LL_DBG, "HTML for RISC:\n\n" + replace + "\n\n");
            httpServletResponse.getWriter().write(replace);
        } catch (Throwable th) {
            throw new Error("Could not encode URL: " + str6, th);
        }
    }

    private String buildLinkAddons() {
        StringBuffer stringBuffer = new StringBuffer();
        for (SystemXml.RISCClientStyle rISCClientStyle : SystemXml.getRISCClientStyles()) {
            if (rISCClientStyle.getSrc() != null && rISCClientStyle.getSrc().trim().length() > 0) {
                stringBuffer.append("<link rel=\"stylesheet\" href=\"" + rISCClientStyle.getSrc() + "\"/>\n");
            }
        }
        return stringBuffer.toString();
    }

    private String buildMetaAddons() {
        StringBuffer stringBuffer = new StringBuffer();
        for (SystemXml.RISCClientMetaTag rISCClientMetaTag : SystemXml.getRISCClientMetaTags()) {
            stringBuffer.append("<meta ");
            if (rISCClientMetaTag.getName() != null) {
                stringBuffer.append("name=\"");
                stringBuffer.append(ESAPI.encoder().encodeForHTMLAttribute(rISCClientMetaTag.getName()));
                stringBuffer.append("\" ");
            }
            if (rISCClientMetaTag.getHttpequiv() != null) {
                stringBuffer.append("http-equiv=\"");
                stringBuffer.append(ESAPI.encoder().encodeForHTMLAttribute(rISCClientMetaTag.getHttpequiv()));
                stringBuffer.append("\" ");
            }
            if (rISCClientMetaTag.getContent() != null) {
                stringBuffer.append("content=\"");
                stringBuffer.append(ESAPI.encoder().encodeForHTMLAttribute(rISCClientMetaTag.getContent()));
                stringBuffer.append("\" ");
            }
            stringBuffer.append("/>\n");
        }
        return stringBuffer.toString();
    }

    private String findPageNameInURI(String str) {
        if (!str.endsWith(findRiscExtension())) {
            throw new Error("Could not interpret URI: " + str);
        }
        String substring = str.substring(0, str.length() - findRiscExtension().length());
        return substring.substring(substring.lastIndexOf(47) + 1, substring.length()).replace(".", "/") + findPageExtension();
    }

    private String buildIncludeList(String str) {
        String buildVersionStamp = buildVersionStamp();
        String buildStyleVersionStamp = buildStyleVersionStamp(str);
        if (str == null) {
            str = "defaultrisc";
        }
        StringBuffer stringBuffer = new StringBuffer();
        ArrayList<String> arrayList = new ArrayList(WebResourceClassloaderReader.getFilesInPathDirectory("eclntjsfserver/styles/" + str + "/", ".js"));
        Collections.sort(arrayList);
        for (String str2 : arrayList) {
            if (!str2.equals("riscstyle.js")) {
                stringBuffer.append("\n<script type=\"text/javascript\" src=\"" + ESAPI.encoder().encodeForHTMLAttribute("eclntjsfserver/styles/" + str + "/" + str2 + buildStyleVersionStamp) + "\"></script>");
            }
        }
        stringBuffer.append("\n");
        String readUTF8FileIntoString = WebResourceClassloaderReader.readUTF8FileIntoString("eclnt/risc/includelist.txt.dev", false);
        if (readUTF8FileIntoString == null || readUTF8FileIntoString.equals("")) {
            readUTF8FileIntoString = WebResourceClassloaderReader.readUTF8FileIntoString("eclnt/risc/includelist.txt", true);
        }
        stringBuffer.append(readUTF8FileIntoString.replace("\"></script>", buildVersionStamp + "\"></script>"));
        ArrayList arrayList2 = new ArrayList(WebResourceClassloaderReader.getFilesInPathDirectory("eclnt/risc/plugin/", ".js"));
        Collections.sort(arrayList2);
        Iterator it = arrayList2.iterator();
        while (it.hasNext()) {
            stringBuffer.append("\n<script type=\"text/javascript\" src=\"" + ESAPI.encoder().encodeForHTMLAttribute("eclnt/risc/plugin/" + ((String) it.next()) + buildVersionStamp) + "\"></script>");
        }
        stringBuffer.append("\n");
        for (SystemXml.RISCClientScript rISCClientScript : SystemXml.getRISCClientScripts()) {
            stringBuffer.append("\n<script type=\"" + ESAPI.encoder().encodeForHTMLAttribute(rISCClientScript.getType()) + "\" src=\"" + ESAPI.encoder().encodeForHTMLAttribute(rISCClientScript.getSrc() + buildVersionStamp) + "\"></script>");
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x006e  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x005a A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void resetBuffers(javax.servlet.http.HttpServletRequest r5) {
        /*
            org.owasp.esapi.Encoder r0 = org.owasp.esapi.ESAPI.encoder()
            r1 = r5
            java.lang.String r2 = "cclogtoconsole"
            java.lang.String r1 = r1.getParameter(r2)
            java.lang.String r0 = r0.encodeForJavaScript(r1)
            r6 = r0
            org.owasp.esapi.Encoder r0 = org.owasp.esapi.ESAPI.encoder()
            r1 = r5
            java.lang.String r2 = "ccloglevel"
            java.lang.String r1 = r1.getParameter(r2)
            java.lang.String r0 = r0.encodeForJavaScript(r1)
            r7 = r0
            org.owasp.esapi.Encoder r0 = org.owasp.esapi.ESAPI.encoder()
            r1 = r5
            java.lang.String r2 = "ccresetbuffers"
            java.lang.String r1 = r1.getParameter(r2)
            java.lang.String r0 = r0.encodeForJavaScript(r1)
            r8 = r0
            r0 = r5
            java.lang.StringBuffer r0 = r0.getRequestURL()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Throwable -> L5e
            r9 = r0
            r0 = r9
            java.lang.String r1 = "http://localhost"
            boolean r0 = r0.startsWith(r1)     // Catch: java.lang.Throwable -> L5e
            if (r0 != 0) goto L52
            r0 = r9
            java.lang.String r1 = "https://localhost"
            boolean r0 = r0.startsWith(r1)     // Catch: java.lang.Throwable -> L5e
            if (r0 == 0) goto L56
        L52:
            r0 = 1
            goto L57
        L56:
            r0 = 0
        L57:
            if (r0 != 0) goto L5b
            return
        L5b:
            goto L6e
        L5e:
            r9 = move-exception
            org.eclnt.util.log.CLogLogger r0 = org.eclnt.util.log.CLog.L
            java.util.logging.Level r1 = org.eclnt.util.log.CLog.LL_INF
            java.lang.String r2 = ""
            r3 = r9
            r0.log(r1, r2, r3)
            return
        L6e:
            java.lang.String r0 = "true"
            r1 = r8
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L7a
            org.eclnt.jsfserver.util.CCInitialize.resetBuffers()
        L7a:
            java.lang.String r0 = "true"
            r1 = r6
            boolean r0 = r0.equals(r1)     // Catch: java.lang.Throwable -> L98
            if (r0 == 0) goto L89
            org.eclnt.util.log.CLog.addConsoleHandler()     // Catch: java.lang.Throwable -> L98
            goto L95
        L89:
            java.lang.String r0 = "false"
            r1 = r6
            boolean r0 = r0.equals(r1)     // Catch: java.lang.Throwable -> L98
            if (r0 == 0) goto L95
            org.eclnt.util.log.CLog.removeConsoleHandler()     // Catch: java.lang.Throwable -> L98
        L95:
            goto La7
        L98:
            r9 = move-exception
            org.eclnt.util.log.CLogLogger r0 = org.eclnt.util.log.CLog.L
            java.util.logging.Level r1 = org.eclnt.util.log.CLog.LL_INF
            java.lang.String r2 = ""
            r3 = r9
            r0.log(r1, r2, r3)
        La7:
            r0 = r7
            if (r0 == 0) goto Lb2
            r0 = r7
            java.util.logging.Level r0 = java.util.logging.Level.parse(r0)     // Catch: java.lang.Throwable -> Lb5
            org.eclnt.util.log.CLog.updateLogLevel(r0)     // Catch: java.lang.Throwable -> Lb5
        Lb2:
            goto Lc4
        Lb5:
            r9 = move-exception
            org.eclnt.util.log.CLogLogger r0 = org.eclnt.util.log.CLog.L
            java.util.logging.Level r1 = org.eclnt.util.log.CLog.LL_INF
            java.lang.String r2 = ""
            r3 = r9
            r0.log(r1, r2, r3)
        Lc4:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclnt.jsfserver.starter.RISCStarter.resetBuffers(javax.servlet.http.HttpServletRequest):void");
    }

    public static String buildVersionStamp() {
        String buildVersionStamp;
        return (s_versionStamp == null || (buildVersionStamp = s_versionStamp.buildVersionStamp()) == null) ? "?version=" + VersionXml.getVersion() : buildVersionStamp;
    }

    public static String buildStyleVersionStamp(String str) {
        String buildStyleVersionStamp;
        if (s_versionStamp != null && (buildStyleVersionStamp = s_versionStamp.buildStyleVersionStamp()) != null) {
            return buildStyleVersionStamp;
        }
        String buildVersionStamp = buildVersionStamp();
        if (!str.startsWith("default") && !str.startsWith("cc")) {
            return buildVersionStamp + "_" + System.currentTimeMillis();
        }
        return buildVersionStamp;
    }

    protected String findePageFolderPrefix() {
        return "faces/";
    }

    protected String findPageExtension() {
        return ".jsp";
    }

    protected String findRiscExtension() {
        return ".risc";
    }

    protected String unescapeSlashes(String str) {
        if (str == null) {
            return null;
        }
        return str.replace("&#x2f;", "/");
    }

    protected void manageHeaderParametersIframeEmbedding(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if (checkIfInEditorPreviewMode(httpServletRequest)) {
                return;
            }
            String lowerCaseId = ValueManager.toLowerCaseId(SystemXml.getRiscStarter().getEmbedableasiframe());
            if (!"true".equals(lowerCaseId)) {
                if ("false".equals(lowerCaseId) || "deny".equals(lowerCaseId)) {
                    httpServletResponse.setHeader("X-Frame-Options", "deny");
                } else {
                    httpServletResponse.setHeader("X-Frame-Options", "sameorigin");
                }
            }
        } catch (SecurityException e) {
            CLog.L.log(CLog.LL_ERR, "Problem when managing X-Frame-Options", (Throwable) e);
            throw new Error(e);
        } catch (Throwable th) {
            CLog.L.log(CLog.LL_ERR, "Problem when managing X-Frame-Options", th);
        }
    }

    protected boolean checkIfInEditorPreviewMode(HttpServletRequest httpServletRequest) throws SecurityException {
        if (!"true".equals(httpServletRequest.getParameter(ThreadingFilter.SESSION_ATTRIBUTE_PREVIEW))) {
            return false;
        }
        if (httpServletRequest.getRequestURL().toString().contains("zz_cceditoraround.risc")) {
            return true;
        }
        CLog.L.log(CLog.LL_ERR, "Query parameter cc_preview is set to true. But: the page is not called in the context of the layout editor environment!");
        throw new SecurityException("Security alert: preview mode is set, but call is not coming from editing environment!");
    }
}
