package eu.webtoolkit.jwt;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/webtoolkit/jwt/XSSUtils.class */
class XSSUtils {
    private static Logger logger = LoggerFactory.getLogger(XSSUtils.class);

    XSSUtils() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isBadTag(String str) {
        return str.equalsIgnoreCase("script") || str.equalsIgnoreCase("applet") || str.equalsIgnoreCase("object") || str.equalsIgnoreCase("iframe") || str.equalsIgnoreCase("frame") || str.equalsIgnoreCase("layer") || str.equalsIgnoreCase("ilayer") || str.equalsIgnoreCase("frameset") || str.equalsIgnoreCase("link") || str.equalsIgnoreCase("meta") || str.equalsIgnoreCase("title") || str.equalsIgnoreCase("base") || str.equalsIgnoreCase("basefont") || str.equalsIgnoreCase("bgsound") || str.equalsIgnoreCase("head") || str.equalsIgnoreCase("body") || str.equalsIgnoreCase("embed") || str.equalsIgnoreCase("style") || str.equalsIgnoreCase("comment") || str.equalsIgnoreCase("blink");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isBadAttribute(String str) {
        return StringUtils.startsWithIgnoreCase(str, "on") || StringUtils.startsWithIgnoreCase(str, "data") || str.equalsIgnoreCase("dynsrc") || str.equalsIgnoreCase("id") || str.equalsIgnoreCase("autofocus") || str.equalsIgnoreCase("name") || str.equalsIgnoreCase("repeat-start") || str.equalsIgnoreCase("repeat-end") || str.equalsIgnoreCase("repeat") || str.equalsIgnoreCase("pattern");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isBadAttributeValue(String str, String str2) {
        if (str.equalsIgnoreCase("action") || str.equalsIgnoreCase("background") || str.equalsIgnoreCase("codebase") || str.equalsIgnoreCase("dynsrc") || str.equalsIgnoreCase("href") || str.equalsIgnoreCase("formaction") || str.equalsIgnoreCase("poster") || str.equalsIgnoreCase("src")) {
            return StringUtils.startsWithIgnoreCase(str2, "javascript:") || StringUtils.startsWithIgnoreCase(str2, "vbscript:") || StringUtils.startsWithIgnoreCase(str2, "about:") || StringUtils.startsWithIgnoreCase(str2, "chrome:") || StringUtils.startsWithIgnoreCase(str2, "data:") || StringUtils.startsWithIgnoreCase(str2, "disk:") || StringUtils.startsWithIgnoreCase(str2, "hcp:") || StringUtils.startsWithIgnoreCase(str2, "help:") || StringUtils.startsWithIgnoreCase(str2, "livescript") || StringUtils.startsWithIgnoreCase(str2, "lynxcgi:") || StringUtils.startsWithIgnoreCase(str2, "lynxexec:") || StringUtils.startsWithIgnoreCase(str2, "ms-help:") || StringUtils.startsWithIgnoreCase(str2, "ms-its:") || StringUtils.startsWithIgnoreCase(str2, "mhtml:") || StringUtils.startsWithIgnoreCase(str2, "mocha:") || StringUtils.startsWithIgnoreCase(str2, "opera:") || StringUtils.startsWithIgnoreCase(str2, "res:") || StringUtils.startsWithIgnoreCase(str2, "resource:") || StringUtils.startsWithIgnoreCase(str2, "shell:") || StringUtils.startsWithIgnoreCase(str2, "view-source:") || StringUtils.startsWithIgnoreCase(str2, "vnd.ms.radio:") || StringUtils.startsWithIgnoreCase(str2, "wysiwyg:");
        }
        if (str.equalsIgnoreCase("style")) {
            return StringUtils.containsIgnoreCase(str2, "absolute") || StringUtils.containsIgnoreCase(str2, "behaviour") || StringUtils.containsIgnoreCase(str2, "behavior") || StringUtils.containsIgnoreCase(str2, "content") || StringUtils.containsIgnoreCase(str2, "expression") || StringUtils.containsIgnoreCase(str2, "fixed") || StringUtils.containsIgnoreCase(str2, "include-source") || StringUtils.containsIgnoreCase(str2, "moz-binding") || StringUtils.containsIgnoreCase(str2, "javascript");
        }
        return false;
    }
}
