package org.springframework.cloud.gateway.filter.factory;

import java.util.List;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.support.GatewayToStringStyler;
import org.springframework.http.HttpHeaders;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/lib/spring-cloud-gateway-core-2.2.5.RELEASE.jar:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactory.class */
public class SecureHeadersGatewayFilterFactory extends AbstractGatewayFilterFactory {
    public static final String X_XSS_PROTECTION_HEADER = "X-Xss-Protection";
    public static final String STRICT_TRANSPORT_SECURITY_HEADER = "Strict-Transport-Security";
    public static final String X_FRAME_OPTIONS_HEADER = "X-Frame-Options";
    public static final String X_CONTENT_TYPE_OPTIONS_HEADER = "X-Content-Type-Options";
    public static final String REFERRER_POLICY_HEADER = "Referrer-Policy";
    public static final String CONTENT_SECURITY_POLICY_HEADER = "Content-Security-Policy";
    public static final String X_DOWNLOAD_OPTIONS_HEADER = "X-Download-Options";
    public static final String X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER = "X-Permitted-Cross-Domain-Policies";
    private final SecureHeadersProperties properties;

    public SecureHeadersGatewayFilterFactory(SecureHeadersProperties secureHeadersProperties) {
        this.properties = secureHeadersProperties;
    }

    @Override // org.springframework.cloud.gateway.filter.factory.GatewayFilterFactory
    public GatewayFilter apply(Object obj) {
        return new GatewayFilter() { // from class: org.springframework.cloud.gateway.filter.factory.SecureHeadersGatewayFilterFactory.1
            @Override // org.springframework.cloud.gateway.filter.GatewayFilter
            public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
                HttpHeaders headers = serverWebExchange.getResponse().getHeaders();
                List<String> disable = SecureHeadersGatewayFilterFactory.this.properties.getDisable();
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, SecureHeadersGatewayFilterFactory.X_XSS_PROTECTION_HEADER)) {
                    headers.add(SecureHeadersGatewayFilterFactory.X_XSS_PROTECTION_HEADER, SecureHeadersGatewayFilterFactory.this.properties.getXssProtectionHeader());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "Strict-Transport-Security")) {
                    headers.add("Strict-Transport-Security", SecureHeadersGatewayFilterFactory.this.properties.getStrictTransportSecurity());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "X-Frame-Options")) {
                    headers.add("X-Frame-Options", SecureHeadersGatewayFilterFactory.this.properties.getFrameOptions());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "X-Content-Type-Options")) {
                    headers.add("X-Content-Type-Options", SecureHeadersGatewayFilterFactory.this.properties.getContentTypeOptions());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "Referrer-Policy")) {
                    headers.add("Referrer-Policy", SecureHeadersGatewayFilterFactory.this.properties.getReferrerPolicy());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "Content-Security-Policy")) {
                    headers.add("Content-Security-Policy", SecureHeadersGatewayFilterFactory.this.properties.getContentSecurityPolicy());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, "X-Download-Options")) {
                    headers.add("X-Download-Options", SecureHeadersGatewayFilterFactory.this.properties.getDownloadOptions());
                }
                if (SecureHeadersGatewayFilterFactory.this.isEnabled(disable, SecureHeadersGatewayFilterFactory.X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER)) {
                    headers.add(SecureHeadersGatewayFilterFactory.X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER, SecureHeadersGatewayFilterFactory.this.properties.getPermittedCrossDomainPolicies());
                }
                return gatewayFilterChain.filter(serverWebExchange);
            }

            public String toString() {
                return GatewayToStringStyler.filterToStringCreator(SecureHeadersGatewayFilterFactory.this).toString();
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isEnabled(List<String> list, String str) {
        return !list.contains(str.toLowerCase());
    }
}
