package org.apache.knox.gateway.webappsec.filter;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:org/apache/knox/gateway/webappsec/filter/CSRFPreventionFilter.class */
public class CSRFPreventionFilter implements Filter {
    private static final String CUSTOM_HEADER_PARAM = "csrf.customheader";
    private static final String CUSTOM_METHODS_TO_IGNORE_PARAM = "csrf.methodstoignore";
    private String headerName = "X-XSRF-Header";
    private String mti = "GET,OPTIONS,HEAD";
    private Set<String> methodsToIgnore;

    public void init(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter(CUSTOM_HEADER_PARAM);
        if (initParameter != null) {
            this.headerName = initParameter;
        }
        String initParameter2 = filterConfig.getInitParameter(CUSTOM_METHODS_TO_IGNORE_PARAM);
        if (initParameter2 != null) {
            this.mti = initParameter2;
        }
        String[] split = this.mti.split(",");
        this.methodsToIgnore = new HashSet();
        this.methodsToIgnore.addAll(Arrays.asList(split));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (this.methodsToIgnore.contains(httpServletRequest.getMethod()) || httpServletRequest.getHeader(this.headerName) != null) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            ((HttpServletResponse) servletResponse).sendError(400, "Missing Required Header for Vulnerability Protection");
        }
    }

    public void destroy() {
    }
}
