package coldfusion.filter;

import coldfusion.compiler.SemanticAnalyzer;
import coldfusion.runtime.ApplicationScope;
import coldfusion.runtime.ApplicationScopeTracker;
import coldfusion.runtime.CFBoolean;
import coldfusion.runtime.CFPage;
import coldfusion.runtime.Cast;
import coldfusion.runtime.JSONUtils;
import coldfusion.runtime.NeoException;
import coldfusion.runtime.NeoPageContext;
import coldfusion.runtime.Struct;
import coldfusion.runtime.TemplateProxy;
import coldfusion.server.ServiceFactory;
import coldfusion.wddx.WddxDeserializer;
import coldfusion.wddx.WddxSerializer;
import coldfusion.xml.XmlNodeList;
import java.io.ByteArrayOutputStream;
import java.io.PrintWriter;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.MediaType;
import org.apache.http.HttpVersion;
import org.xml.sax.InputSource;

/* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210020.jar:coldfusion/filter/FilterUtils.class */
public class FilterUtils {
    public static final String ARGUMENT_COLLECTION_FLAG = "coldfusion.argumentcollection.allowscopes";
    private static final String DOT_SEPARATOR = ".";
    public static final List<String> disabledScopesForArgumentCollection = new ArrayList(Arrays.asList("ARGUMENTCOLLECTION", "FILE", "CLIENT", "COOKIE", "CGI", "SERVER", "APPLICATION", "SESSION", "REQUEST", "CFHTTP", HttpVersion.HTTP, "CFFILE", SemanticAnalyzer.LOCAL, "THIS", "THISTAG", "THREAD", NeoPageContext.THREADSCOPE_NAME, "VARIABLES"));

    /* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210020.jar:coldfusion/filter/FilterUtils$InvalidArgumentCollectionException.class */
    public static class InvalidArgumentCollectionException extends NeoException {
        public String disabledScope;
        public String allScopes;
        public String jvmFlag;

        public InvalidArgumentCollectionException(String str, String str2, String str3) {
            this.disabledScope = str;
            this.allScopes = str2;
            this.jvmFlag = str3;
        }
    }

    /* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210020.jar:coldfusion/filter/FilterUtils$InvalidPlainReturnFormatTypeException.class */
    public static class InvalidPlainReturnFormatTypeException extends NeoException {
    }

    /* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210020.jar:coldfusion/filter/FilterUtils$InvalidQueryFormatException.class */
    public static class InvalidQueryFormatException extends NeoException {
        public String queryFormat;

        public InvalidQueryFormatException(String str) {
            this.queryFormat = CFPage.HTMLEditFormat(str);
        }
    }

    /* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210020.jar:coldfusion/filter/FilterUtils$InvalidReturnFormatException.class */
    public static class InvalidReturnFormatException extends NeoException {
        public String returnFormat;

        public InvalidReturnFormatException(String str) {
            this.returnFormat = CFPage.HTMLEditFormat(str);
        }
    }

    public static Map GetArgumentCollection(FusionContext fusionContext) throws Throwable {
        Struct struct;
        HttpServletRequest httpServletRequest = fusionContext.request;
        String str = (String) fusionContext.pageContext.findAttribute("url.argumentCollection");
        if (str == null) {
            str = (String) fusionContext.pageContext.findAttribute("form.argumentCollection");
        }
        if (str == null) {
            struct = new Struct();
        } else {
            String trim = str.trim();
            struct = trim.charAt(0) == '{' ? (Struct) JSONUtils.deserializeJSON(trim) : (Struct) WDDXDeserialize(trim);
        }
        if (!Boolean.getBoolean(ARGUMENT_COLLECTION_FLAG)) {
            Enumeration keys = struct.keys();
            while (keys.hasMoreElements()) {
                String obj = keys.nextElement().toString();
                if (obj.contains(".")) {
                    obj = obj.substring(0, obj.indexOf("."));
                }
                if (disabledScopesForArgumentCollection.contains(obj.toUpperCase())) {
                    throw new InvalidArgumentCollectionException(obj, disabledScopesForArgumentCollection.toString(), ARGUMENT_COLLECTION_FLAG);
                }
            }
        }
        UrlScope urlScope = (UrlScope) fusionContext.hiddenScope.get("URL");
        if (urlScope != null) {
            Iterator keys2 = urlScope.keys();
            while (keys2.hasNext()) {
                String str2 = (String) keys2.next();
                if (!str2.equalsIgnoreCase("method") && !str2.equalsIgnoreCase("argumentCollection") && !str2.equalsIgnoreCase("returnFormat")) {
                    struct.put(str2, urlScope.get(str2));
                }
            }
        }
        if (fusionContext.getRequest().getMethod().equalsIgnoreCase("post")) {
            Iterator keys3 = fusionContext.formScope.keys();
            while (keys3.hasNext()) {
                String str3 = (String) keys3.next();
                if (!str3.equalsIgnoreCase("method") && !str3.equalsIgnoreCase("argumentCollection") && !str3.equalsIgnoreCase("fieldNames") && !str3.equalsIgnoreCase("returnFormat")) {
                    struct.put(str3, fusionContext.formScope.get(str3));
                }
            }
            Object obj2 = fusionContext.hiddenScope.get("URL");
            if (obj2 instanceof UrlScope) {
                UrlScope urlScope2 = (UrlScope) obj2;
                Iterator keys4 = urlScope2.keys();
                while (keys4.hasNext()) {
                    String str4 = (String) keys4.next();
                    if (!str4.equalsIgnoreCase("method") && !str4.equalsIgnoreCase("argumentCollection") && !str4.equalsIgnoreCase("fieldNames") && !str4.equalsIgnoreCase("returnFormat")) {
                        struct.put(str4, urlScope2.get(str4));
                    }
                }
            }
        }
        String str5 = (String) httpServletRequest.getAttribute("cfcName");
        if (str5 != null) {
            struct.put("name", str5);
        }
        return struct;
    }

    public static String WDDXSerialize(Object obj) throws Throwable {
        WddxSerializer wddxSerializer = new WddxSerializer();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        wddxSerializer.serialize(obj, byteArrayOutputStream);
        return byteArrayOutputStream.toString("UTF8");
    }

    public static Object WDDXDeserialize(String str) throws Throwable {
        return new WddxDeserializer().deserialize(new InputSource(new StringReader(str)));
    }

    public static void printReturnValue(Object obj, NeoPageContext neoPageContext, FusionContext fusionContext, TemplateProxy templateProxy, String str, Map map) throws Throwable {
        String str2;
        if (obj != null) {
            PrintWriter writer = fusionContext.response.getWriter();
            String str3 = (String) neoPageContext.findAttribute("url.returnFormat");
            if (str3 == null) {
                str3 = (String) neoPageContext.findAttribute("form.returnFormat");
            }
            if (str3 != null) {
                str2 = ServiceFactory.getSecurityService().crossSiteProtectString(str3);
            } else {
                str2 = map != null ? (String) map.get("returnFormat") : null;
            }
            String trim = str2 == null ? null : str2.trim();
            if (trim == null || (trim != null && trim.equalsIgnoreCase("wddx"))) {
                if (!(obj instanceof XmlNodeList)) {
                    writer.print(WDDXSerialize(obj));
                    return;
                } else {
                    neoPageContext.getResponse().setContentType(MediaType.TEXT_XML);
                    writer.print(obj.toString());
                    return;
                }
            }
            if (trim.equalsIgnoreCase("plain")) {
                if (!(obj instanceof String) && !(obj instanceof Number) && !(obj instanceof Boolean) && !(obj instanceof CFBoolean) && !(obj instanceof Date) && !(obj instanceof XmlNodeList)) {
                    throw new InvalidPlainReturnFormatTypeException();
                }
                writer.print(obj);
                return;
            }
            if (!trim.equalsIgnoreCase("json")) {
                throw new InvalidReturnFormatException(trim);
            }
            String str4 = (String) neoPageContext.findAttribute("url.queryFormat");
            if (str4 == null) {
                str4 = (String) neoPageContext.findAttribute("form.queryFormat");
            }
            String str5 = null;
            if (str4 != null) {
                String trim2 = str4.trim();
                if (trim2.equalsIgnoreCase("column")) {
                    str5 = "column";
                } else if (trim2.equalsIgnoreCase("row")) {
                    str5 = "row";
                } else {
                    if (!trim2.equalsIgnoreCase(JSONUtils.STRUCT_QUERY_FORMAT)) {
                        throw new InvalidQueryFormatException(trim2);
                    }
                    str5 = JSONUtils.STRUCT_QUERY_FORMAT;
                }
            }
            if (str5 == null) {
                ApplicationScope applicationScope = ApplicationScopeTracker.getApplicationScope(FusionContext.getCurrent().getApplicationName());
                str5 = applicationScope == null ? "row" : applicationScope.getApplicationSettings().getSerializeQueryFormat();
            }
            Object obj2 = map != null ? map.get("secureJSON") : null;
            writer.print(obj2 != null ? JSONUtils.serializeJSON(obj, str5, Cast._boolean(obj2)) : JSONUtils.isJSON(obj) ? checkForDouble(obj) : JSONUtils.serializeJSON(obj, str5));
        }
    }

    private static String checkForDouble(Object obj) {
        return ((obj instanceof Double) && System.getProperty("json.numberasdouble", "false").equalsIgnoreCase("true")) ? obj.toString() : Cast._String(obj);
    }
}
