package com.atlassian.jira.collector.plugin.transformer;

import com.atlassian.core.filters.AbstractHttpFilter;
import com.atlassian.extras.common.log.Logger;
import com.atlassian.jira.util.JiraUrlCodec;
import com.atlassian.jira.util.http.JiraUrl;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/atlassian/jira/collector/plugin/transformer/ForgedBootstrapBaseUrlProtectorFilter.class */
public class ForgedBootstrapBaseUrlProtectorFilter extends AbstractHttpFilter {
    private static final String BASE_URL_PARAM = "currentBaseUrl";
    public static final String BASE_URL_ATTR = ForgedBootstrapBaseUrlProtectorFilter.class.getName() + ":baseUrl";

    protected void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String queryString = httpServletRequest.getQueryString();
        if (httpServletRequest.getParameterMap().containsKey(BASE_URL_PARAM)) {
            Logger.getInstance(getClass()).error(String.format("Suspicious request containing %s param: %s", BASE_URL_PARAM, httpServletRequest.getRequestURL().append("?").append(queryString).toString()));
            httpServletResponse.sendError(403);
            return;
        }
        String constructBaseUrl = JiraUrl.constructBaseUrl(httpServletRequest);
        httpServletRequest.setAttribute(BASE_URL_ATTR, constructBaseUrl);
        String str = "currentBaseUrl=" + JiraUrlCodec.encode(constructBaseUrl);
        final String str2 = queryString != null ? queryString + "&" + str : str;
        filterChain.doFilter(new HttpServletRequestWrapper(httpServletRequest) { // from class: com.atlassian.jira.collector.plugin.transformer.ForgedBootstrapBaseUrlProtectorFilter.1
            public String getQueryString() {
                return str2;
            }
        }, httpServletResponse);
    }
}
