package com.appiancorp.security.headers;

import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.appiancorp.suite.cfg.FeatureToggleConfiguration;
import com.appiancorp.webapi.WebApiUrlConstructor;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/appiancorp/security/headers/AppianSecurityHeadersFilter.class */
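/**
 * Servlet filter that adds browser-hardening response headers before the rest of the
 * filter chain runs.
 *
 * <ul>
 *   <li>{@code X-Content-Type-Options: nosniff} when the corresponding feature toggle is on,
 *       except for requests whose context-relative path starts with
 *       {@link WebApiUrlConstructor#WEBAPI_SERVLET_URL} or {@code /plugins/servlet}.</li>
 *   <li>{@code Referrer-Policy: strict-origin-when-cross-origin} when its feature toggle is on.</li>
 * </ul>
 *
 * <p>Both toggles and the context path are read once, at construction time.
 */
public class AppianSecurityHeadersFilter implements Filter {
    private static final String PLUGIN_SERVLET_BASE_REL_PATH = "/plugins/servlet";
    private static final String CONTENT_TYPE_OPTIONS_HEADER = "X-Content-Type-Options";
    private static final String CONTENT_TYPE_OPTIONS_VALUE = "nosniff";
    private static final String REFERRER_POLICY_HEADER = "Referrer-Policy";
    private static final String REFERRER_POLICY_VALUE = "strict-origin-when-cross-origin";

    // "/" + configured context path; stripped from the front of the request URI before matching.
    private final String baseContext;
    private final boolean enableNoSniffContentTypeOptionsHeader;
    private final boolean enableReferrerPolicyHeader;

    /**
     * Creates the filter from the configuration objects supplied by {@link ConfigurationFactory}.
     * This no-argument form is the one a servlet container can instantiate.
     */
    public AppianSecurityHeadersFilter() {
        this((SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class), (FeatureToggleConfiguration) ConfigurationFactory.getConfiguration(FeatureToggleConfiguration.class));
    }

    /**
     * Creates the filter from explicit configuration.
     *
     * @param suiteConfiguration source of the application context path
     * @param featureToggleConfiguration source of the two header feature toggles
     */
    public AppianSecurityHeadersFilter(SuiteConfiguration suiteConfiguration, FeatureToggleConfiguration featureToggleConfiguration) {
        this.enableNoSniffContentTypeOptionsHeader = featureToggleConfiguration.isContentTypeOptionsNoSniffHeaderEnabled();
        this.enableReferrerPolicyHeader = featureToggleConfiguration.isReferrerPolicyHeaderEnabled();
        this.baseContext = '/' + suiteConfiguration.getContextPath();
    }

    /** No initialisation is needed; all state is set in the constructor. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Adds the enabled security headers to HTTP responses, then continues the chain.
     *
     * <p>Requests or responses that are not HTTP are passed through untouched instead of
     * failing on the cast.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the response the headers are added to
     * @param filterChain the remaining chain, always invoked
     * @throws IOException if a downstream filter or servlet fails with an I/O error
     * @throws ServletException if a downstream filter or servlet fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest && servletResponse instanceof HttpServletResponse) {
            String relativePath = stripContextPrefix(((HttpServletRequest) servletRequest).getRequestURI(), this.baseContext);
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            // Headers are added before the chain runs so they are in place even if a
            // downstream component commits the response.
            if (this.enableNoSniffContentTypeOptionsHeader && !isNoSniffExempt(relativePath)) {
                httpServletResponse.addHeader(CONTENT_TYPE_OPTIONS_HEADER, CONTENT_TYPE_OPTIONS_VALUE);
            }
            if (this.enableReferrerPolicyHeader) {
                httpServletResponse.addHeader(REFERRER_POLICY_HEADER, REFERRER_POLICY_VALUE);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Reports whether a context-relative path belongs to one of the two areas that do not
     * receive the nosniff header.
     *
     * <p>The match is made against the raw request URI (not decoded, path parameters included),
     * so any variant spelling of an exempt path simply fails to match and still gets the header.
     */
    private static boolean isNoSniffExempt(String relativePath) {
        return relativePath.startsWith(WebApiUrlConstructor.WEBAPI_SERVLET_URL)
                || relativePath.startsWith(PLUGIN_SERVLET_BASE_REL_PATH);
    }

    /**
     * Removes the context path from the front of the request URI, and only from the front.
     *
     * <p>A global {@code String.replace} would also delete the context string wherever else it
     * appears in the URI, letting an unrelated URI collapse into something that looks like an
     * exempt path and lose the nosniff header. With a root context ("/") it would delete every
     * slash. Only a leading, segment-aligned prefix is stripped here.
     *
     * @param requestUri the raw request URI
     * @param contextPrefix "/" followed by the configured context path
     * @return the URI relative to the context, or the URI unchanged when the prefix does not apply
     */
    private static String stripContextPrefix(String requestUri, String contextPrefix) {
        if (contextPrefix.length() <= 1 || !requestUri.startsWith(contextPrefix)) {
            return requestUri;
        }
        int prefixEnd = contextPrefix.length();
        // "/suiteX/..." must not be treated as living under "/suite".
        if (requestUri.length() > prefixEnd && requestUri.charAt(prefixEnd) != '/') {
            return requestUri;
        }
        return requestUri.substring(prefixEnd);
    }
}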
