package com.xdja.cssp.oms.web.util;

import com.xdja.platform.log.Logger;
import com.xdja.platform.log.LoggerFactory;
import java.io.FileNotFoundException;
import org.apache.commons.lang3.StringEscapeUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

/* loaded from: input_file:WEB-INF/classes/com/xdja/cssp/oms/web/util/XSSEscapeUtils.class */
public class XSSEscapeUtils {
    protected static final Logger logger = LoggerFactory.getLogger(XSSEscapeUtils.class);

    public static String cleanWithPolicy(String str) {
        String str2 = "";
        String str3 = String.valueOf(XSSEscapeUtils.class.getResource("/").getFile()) + "antisamy-xdja.xml";
        try {
            str2 = new AntiSamy().scan(str, Policy.getInstance(str3)).getCleanHTML();
        } catch (PolicyException e) {
            if (e.getCause().getClass().equals(FileNotFoundException.class)) {
                logger.error("找不到XSS策略文件：" + str3);
            } else {
                logger.error("加载xss策略文件异常，异常信息为：" + e.getMessage());
            }
        } catch (ScanException e2) {
            logger.error("根据策略清理输入数据异常，异常信息为：" + e2.getMessage());
        }
        return str2;
    }

    public static String simpleClean(String str) {
        return StringEscapeUtils.escapeHtml4(str);
    }
}
