package org.directwebremoting;

import com.google.gdata.data.analytics.Engagement;
import net.sf.json.util.JSONUtils;
import org.apache.xml.serializer.SerializerConstants;

/* loaded from: input_file:WEB-INF/lib/dwr-3.0.RC1.jar:org/directwebremoting/Security.class */
public class Security {
    public static String escapeHtml(String str) {
        return str.replace("&", "&amp;").replace(Engagement.Comparison.LT, SerializerConstants.ENTITY_LT).replace(Engagement.Comparison.GT, SerializerConstants.ENTITY_GT).replace(JSONUtils.SINGLE_QUOTE, "&apos;").replace(JSONUtils.DOUBLE_QUOTE, SerializerConstants.ENTITY_QUOT);
    }

    public static String unescapeHtml(String str) {
        return str.replace("&amp;", "&").replace(SerializerConstants.ENTITY_LT, Engagement.Comparison.LT).replace(SerializerConstants.ENTITY_GT, Engagement.Comparison.GT).replace("&apos;", JSONUtils.SINGLE_QUOTE).replace(SerializerConstants.ENTITY_QUOT, JSONUtils.DOUBLE_QUOTE);
    }

    public static String replaceXmlCharacters(String str) {
        return str.replace("&", "+").replace(Engagement.Comparison.LT, "‹").replace(Engagement.Comparison.GT, "›").replace(JSONUtils.SINGLE_QUOTE, "‘").replace(JSONUtils.DOUBLE_QUOTE, "“");
    }

    public static boolean containsXssRiskyCharacters(String str) {
        return (str.indexOf(38) == -1 && str.indexOf(60) == -1 && str.indexOf(62) == -1 && str.indexOf(39) == -1 && str.indexOf(34) == -1) ? false : true;
    }
}
