package com.beiming.odr.usergateway.interceptor;

import com.beiming.framework.enums.APIResultCodeEnums;
import com.beiming.framework.exception.APIBusinessException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:WEB-INF/classes/com/beiming/odr/usergateway/interceptor/CRLFInterceptor.class */
public class CRLFInterceptor extends HandlerInterceptorAdapter {
    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (StringUtils.isEmpty("<>?''/？")) {
            return true;
        }
        String str = "[<>?''/？]{1,}";
        if ("GET".equals(httpServletRequest.getMethod())) {
            if (URLFilter.checkSpecials(httpServletRequest.getQueryString(), str)) {
                throw new APIBusinessException(APIResultCodeEnums.ILLEGAL_PARAMETER, "你提交的数据中包含特殊<>?''/？");
            }
            return true;
        }
        if (URLFilter.checkSpecials(httpServletRequest, str)) {
            throw new APIBusinessException(APIResultCodeEnums.ILLEGAL_PARAMETER, "你提交的数据中包含特殊<>?''/？");
        }
        return true;
    }
}
