package com.lc.ibps.auth.shiro.filter;

import com.lc.ibps.base.web.util.RegMatchers;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/lc/ibps/auth/shiro/filter/CsrFilter.class */
public class CsrFilter extends BaseFilter {
    private RegMatchers matchers;

    public RegMatchers getMatchers() {
        return this.matchers;
    }

    public void setMatchers(RegMatchers regMatchers) {
        this.matchers = regMatchers;
    }

    @Override // com.lc.ibps.auth.shiro.filter.BaseFilter
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        String header = ((HttpServletRequest) servletRequest).getHeader("Referer");
        return null == header || header.indexOf(servletRequest.getServerName()) >= 0 || this.matchers.isContainUrl(header);
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        ((HttpServletResponse) servletResponse).sendRedirect(((HttpServletRequest) servletRequest).getContextPath() + this.errorUrl);
        return false;
    }
}
