package org.dexss;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/dexss/Test.class */
public class Test implements DeXSSChangeListener {
    boolean changed = false;
    boolean showChanges = true;
    StringWriter changeLog = null;
    boolean showRender = false;
    PrintWriter changeLogWriter = new PrintWriter(System.err);
    PrintWriter resultsWriter = new PrintWriter(System.out);

    @Override // org.dexss.DeXSSChangeListener
    public void logXSSChange(String str) {
        if (this.showChanges) {
            this.changeLogWriter.println("* " + str);
        }
        this.changed = true;
    }

    @Override // org.dexss.DeXSSChangeListener
    public void logXSSChange(String str, String str2) {
        if (this.showChanges) {
            this.changeLogWriter.println("* " + str + " " + str2);
        }
        this.changed = true;
    }

    @Override // org.dexss.DeXSSChangeListener
    public void logXSSChange(String str, String str2, String str3) {
        if (this.showChanges) {
            this.changeLogWriter.println("* " + str + " " + str2 + " " + str3);
        }
        this.changed = true;
    }

    private boolean isChanged() {
        return this.changed;
    }

    private void resetChanged() {
        this.changed = false;
    }

    public static void main(String[] strArr) throws Exception {
        new Test().test(strArr);
    }

    private void test(String[] strArr) throws IOException, SAXException, ParserConfigurationException, XPathExpressionException {
        if (strArr.length > 0) {
            boolean equals = strArr[0].equals("-");
            boolean equals2 = strArr[0].equals("--control");
            boolean equals3 = strArr[0].equals("--htmlout");
            String str = strArr.length > 1 ? strArr[1] : null;
            String str2 = equals3 ? strArr[2] : null;
            String str3 = equals3 ? str2 + "/index.html" : null;
            if (equals) {
                for (int i = 1; i < strArr.length; i++) {
                    testOne(strArr[i], "arg " + i);
                }
            } else if (equals2 || equals3) {
                if (equals3) {
                    this.resultsWriter.close();
                    this.resultsWriter = new PrintWriter(new FileWriter(str3));
                    this.resultsWriter.println("<html><head><title>DeXSS Results</title>");
                    this.resultsWriter.println("<style type='text/css'>.scroll {overflow:auto; width:100%;}.even {background:#EAEAEA;}thead th {border-bottom:1px solid #000;}pre strong {color:#00C;}pre .linebreak {color:#AAA;font-weight:100;}</style>");
                    this.resultsWriter.println("</head>");
                    this.resultsWriter.println("<body>");
                    this.resultsWriter.println("<h1>DeXSS Results</h1>");
                    this.resultsWriter.println("<p>This page attempts to mimic for formatting of <a href=\"http://htmlpurifier.org/live/smoketests/xssAttacks.php\">HTML Purifier</a> results.</p>");
                    this.resultsWriter.println("<table>");
                    this.resultsWriter.println("<tr>");
                    this.resultsWriter.println("<th>Name</th>");
                    this.resultsWriter.println("<th>Input</th>");
                    this.resultsWriter.println("<th>Output</th>");
                    this.resultsWriter.println("<th>Comments</th>");
                    if (this.showRender) {
                        this.resultsWriter.println("<th>Render</th>");
                    }
                    this.resultsWriter.println("</tr>");
                    this.resultsWriter.close();
                }
                NodeList selectNodes = selectNodes(DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new File(str)), "/xss/attack");
                int length = selectNodes.getLength();
                for (int i2 = 0; i2 < length; i2++) {
                    Element element = (Element) selectNodes.item(i2);
                    String valueOf = valueOf(element, "name");
                    String valueOf2 = valueOf(element, "code");
                    if (equals2) {
                        testOne(valueOf2, valueOf);
                    } else {
                        if (!equals3) {
                            throw new RuntimeException("can't happen");
                        }
                        printOne(valueOf2, valueOf, i2, str2);
                    }
                }
                this.resultsWriter.println("</table></body></html>");
            } else {
                new StringWriter();
                for (String str4 : strArr) {
                    testOne(readFile(str4), str4);
                }
            }
        }
        this.resultsWriter.flush();
    }

    private void testOne(String str, String str2) throws IOException, SAXException {
        this.resultsWriter.println("* " + str2);
        String process = new DeXSS().process(str, this);
        if (isChanged()) {
            this.resultsWriter.println("- " + str2 + " changed");
            this.resultsWriter.println("In: " + str);
            this.resultsWriter.println("Out: " + process);
        } else if (process.length() == 0) {
            this.resultsWriter.println("- " + str2 + " deleted ");
            this.resultsWriter.println("In: " + str);
        } else if (process.equalsIgnoreCase(str)) {
            this.resultsWriter.println("+ " + str2 + " unchanged ");
            this.resultsWriter.println("In: " + str);
        } else {
            this.resultsWriter.println("+ " + str2 + " possibly unchanged ");
            this.resultsWriter.println("In: " + str);
            this.resultsWriter.println("Out: " + process);
        }
        resetChanged();
    }

    private String wrap(String str) {
        return str.length() < 32 ? str : str.substring(0, 32) + "<br />" + wrap(str.substring(32));
    }

    private String escape(String str) {
        return str.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&#34;").replace("'", "&#39;").replace("\\", "&#92;");
    }

    private void printOne(String str, String str2, int i, String str3) throws IOException, SAXException {
        this.resultsWriter.print("<tr class=\"" + (i % 2 == 0 ? "even" : "odd") + "\"><td>" + str2 + "</td>");
        this.changeLog = new StringWriter();
        this.changeLogWriter = new PrintWriter(this.changeLog);
        StringWriter stringWriter = new StringWriter();
        new DeXSS().process(str, this);
        stringWriter.close();
        String obj = stringWriter.toString();
        int length = obj.length() - 1;
        if (obj.charAt(length) == '\n') {
            obj = obj.substring(0, length);
        }
        this.resultsWriter.print("<td>");
        String wrap = wrap(escape(str));
        this.resultsWriter.print(wrap);
        this.resultsWriter.print("</td>");
        this.resultsWriter.print("<td>");
        this.resultsWriter.print(wrap(escape(obj)));
        this.resultsWriter.print("</td>");
        this.resultsWriter.print("<td>");
        this.resultsWriter.print(this.changeLog.toString());
        if (isChanged()) {
            this.resultsWriter.println("changed");
        } else if (obj.length() == 0) {
            this.resultsWriter.println("deleted");
        } else if (obj.equalsIgnoreCase(str)) {
            this.resultsWriter.println("unchanged");
        } else {
            this.resultsWriter.println("possibly unchanged, length " + obj.length());
        }
        this.resultsWriter.println("</td>");
        this.changeLogWriter.flush();
        resetChanged();
        String str4 = i + ".html";
        this.resultsWriter.println("<td>");
        this.resultsWriter.print("<a href=\"" + str4 + "\">" + i + "</a>");
        this.resultsWriter.println("</td>");
        this.resultsWriter.println("</tr>");
        PrintWriter printWriter = new PrintWriter(new FileWriter(new File(str3 + "/" + str4)));
        printWriter.println("<html><head><title>Test " + str2 + "</title></head>");
        printWriter.println("<body>");
        printWriter.print("<h1>Test " + str2 + "</h1>");
        printWriter.print("<h2>Code</h2>");
        printWriter.print("<pre>");
        printWriter.println(wrap);
        printWriter.println("</pre><hr />");
        printWriter.println("<h2>Rendered</h2>");
        printWriter.println("<!-- XSS Begin -->");
        printWriter.print(obj);
        printWriter.println("<!-- XSS End -->");
        printWriter.println("</body></html>");
        printWriter.close();
    }

    private NodeList selectNodes(Document document, String str) throws XPathExpressionException {
        return (NodeList) XPathFactory.newInstance().newXPath().evaluate(str, document, XPathConstants.NODESET);
    }

    private NodeList selectNodes(Element element, String str) throws XPathExpressionException {
        return (NodeList) XPathFactory.newInstance().newXPath().evaluate(str, element, XPathConstants.NODESET);
    }

    private String valueOf(Element element, String str) throws XPathExpressionException {
        return (String) XPathFactory.newInstance().newXPath().evaluate(str, element, XPathConstants.STRING);
    }

    private String readFile(String str) throws IOException {
        BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
        StringWriter stringWriter = new StringWriter();
        while (true) {
            int read = bufferedReader.read();
            if (read == -1) {
                bufferedReader.close();
                stringWriter.close();
                return stringWriter.toString();
            }
            stringWriter.write(read);
        }
    }
}
