package me.yukitale.cryptoexchange.exchange.security.xss;

import com.sun.istack.localization.Localizable;
import org.apache.batik.util.SVGConstants;
import org.jsoup.Jsoup;
import org.jsoup.safety.Safelist;
import org.owasp.esapi.ESAPI;
import org.owasp.html.HtmlPolicyBuilder;

/* loaded from: input_file:BOOT-INF/classes/me/yukitale/cryptoexchange/exchange/security/xss/XSSUtils.class */
public final class XSSUtils {
    public static String sanitize(String str) {
        return new HtmlPolicyBuilder().allowStandardUrlProtocols().allowStyling().allowCommonBlockElements().allowCommonInlineFormattingElements().allowAttributes("style").globally().allowElements(SVGConstants.SVG_A_TAG).allowAttributes("href").onElements(SVGConstants.SVG_A_TAG).allowAttributes("class").onElements(SVGConstants.SVG_A_TAG).toFactory().sanitize(str);
    }

    public static String stripXSS(String str) {
        if (str == null) {
            return null;
        }
        return Jsoup.clean(ESAPI.encoder().canonicalize(str.replace("\\n", "[NEW_LINE]")).replaceAll(Localizable.NOT_LOCALIZABLE, ""), Safelist.none()).replace("[NEW_LINE]", "\\n");
    }

    private XSSUtils() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
