package org.springframework.security.web.firewall;

import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/* loaded from: input_file:ingrid-interface-search-5.7.1/lib/spring-security-web-5.1.2.RELEASE.jar:org/springframework/security/web/firewall/FirewalledResponse.class */
class FirewalledResponse extends HttpServletResponseWrapper {
    private static final Pattern CR_OR_LF = Pattern.compile("\\r|\\n");
    private static final String LOCATION_HEADER = "Location";
    private static final String SET_COOKIE_HEADER = "Set-Cookie";

    public FirewalledResponse(HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
    }

    @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
    public void sendRedirect(String str) throws IOException {
        validateCrlf("Location", str);
        super.sendRedirect(str);
    }

    @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
    public void setHeader(String str, String str2) {
        validateCrlf(str, str2);
        super.setHeader(str, str2);
    }

    @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
    public void addHeader(String str, String str2) {
        validateCrlf(str, str2);
        super.addHeader(str, str2);
    }

    @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
    public void addCookie(Cookie cookie) {
        if (cookie != null) {
            validateCrlf("Set-Cookie", cookie.getName());
            validateCrlf("Set-Cookie", cookie.getValue());
            validateCrlf("Set-Cookie", cookie.getPath());
            validateCrlf("Set-Cookie", cookie.getDomain());
            validateCrlf("Set-Cookie", cookie.getComment());
        }
        super.addCookie(cookie);
    }

    void validateCrlf(String str, String str2) {
        if (hasCrlf(str) || hasCrlf(str2)) {
            throw new IllegalArgumentException("Invalid characters (CR/LF) in header " + str);
        }
    }

    private boolean hasCrlf(String str) {
        return str != null && CR_OR_LF.matcher(str).find();
    }
}
